Jump to content

Nmap busted by IDS/IPS


Recommended Posts

Hello Everyone , I ' have noticed that nmap is easily monitor by network security team . So how can nmap not be detected or lower the packet (-f detected) oralternate of nmap or  Different technique for port scanning to minimise the the risk of detection. Scanning entire subnet without been too nosey 

Link to comment
Share on other sites

Few things you can try, but IDS systems generally log everything.

"nmap -sS -Pn target.com", "nmap -P0 -sI x.x.x.x:1234 target.com" (idle scan) where x.x.x.x:1234 is the source IP and port to scan from or return packets to/spoof, and "nmap -n -Dx.x.x.x,x.x.x.x,x.x.x.x target.com" where x.x.x.x is a list of IP's to spoof from. This last one spoof scans from multiple source IP's to help obfuscate the source of the scanning machine.

Nothing is 100% full proof in being detected by an IDS that is logging everything though.


BTW, don't post the same question multiple times. Post once, check back later. I had already replied to your other thread, which I just deleted my post from. If you can't find your last post, go to your profile to see your recent content posted, or subscribe to your own threads.

Edited by digip
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...