Search the Community
Showing results for tags 'decoy'.
Hi every one, I have a Windows XP system with ZoneAlarm firewall installed. I have 2 raspberry Pi computers with Nmap installed I have been attempting to use one RPI to scan the XP system but I am trying to fool ZoneAlarm into thinking the scan came from another address. So I have XP system on 192.168.0.18. ZoneAlarm installed. RPI 1 on 192,168.0.13 - set as untrusted on ZoneAlarm RPI 2 on 192.168.0.14 - set as trusted on ZoneAlarm I ran a decoy scan from RPI 1 to the XP system. I get the results from the scan but ZoneAlarm knows the scan came from 192.168.0.13 and the IP shows up in the log. I then tried a zombie scan from RPI 1 and an error is returned from Nmap saying 'Idle scan is unable to obtain meaningful results from proxy' I have searched for the error but cannot get any meaningful result. Does the system I am using as the zombie or decoy need certain ports to be opened to allow this type of scan to work? Any help much appreciatted.