Nmap 6:Network exploration and security auditing Cookbook
上QQ阅读APP看书,第一时间看更新

Hiding our traffic with additional random data

Packets generated by Nmap scans usually just have the protocol headers set and, only in certain cases, include specific payloads. Nmap implements a feature to decrease the likelihood of detecting these known probes, by using random data as payloads.

This recipe describes how to send additional random data in packets sent by Nmap during a scan.

How to do it...

To append 300 bytes of random data, open your terminal and type the following command:

# nmap -sS -PS --data-length 300 scanme.nmap.org

How it works...

The argument --data-length <# of bytes> tells Nmap to generate random bytes and append them as data in the requests.

Most of the scanning techniques are supported in this method, but it is important to note that using this argument slows down a scan since we need to transmit more data with each request.

In the following screenshot, a packet generated by a default Nmap scan, and another one where we used the argument --data-length, are shown:

How it works...

There's more...

Setting the argument --data-length to 0 will force Nmap to not use any payloads in the requests:

# nmap --data-length 0 scanme.nmap.org

See also

  • The Scanning using specific port ranges recipe in Chapter 1, Nmap Fundamentals
  • The Spoofing the origin IP of a port scan recipe in Chapter 3, Gathering Additional Host Information
  • The Forcing DNS resolutions recipe
  • The Excluding hosts from your scans recipe
  • The Scanning IPv6 addresses recipe
  • The Skipping tests to speed up long scans recipe in Chapter 7, Scanning Large Networks
  • The Adjusting timing parameters recipe in Chapter 7, Scanning Large Networks
  • The Selecting the correct timing template recipe in Chapter 7, Scanning Large Networks