LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 01-15-2013, 09:03 AM   #1
Laertiades
Member
 
Registered: Jul 2012
Location: Pacific Northwest
Distribution: Arch
Posts: 57

Rep: Reputation: Disabled
how to simulate external nmap scan from behind gateway


I am trying to analyze my network's vulnerabilities to external hackers. I would like to do this using a computer within the network. Is this possible? Currently I am using nmap to discover open ports. Scans using my external ip address and the router's internal ip address are identical. I assume that the router knows that the probe is coming from within the network. Is there a way to trick it? Thanks for any insights or suggestions.
 
Old 01-15-2013, 10:09 AM   #2
rmacd
LQ Newbie
 
Registered: Jan 2013
Location: Scotland
Distribution: Debian
Posts: 16

Rep: Reputation: 2
Yes, the router knows (via its routing table) who is where. Some routers will allow you to set up a second subnet (with its own set of routes) so it wouldn't be impossible, but unlikely to be very practical.

You're trying to check vulnerabilities on the router itself, or on devices behind the router?

Assuming you've no services accessible from the outside, your best bet is in fact to educate your network users. If there are any 'vulnerabilities', it's uneducated users. Show them the differences between legitimate mail and mail which is looking to steal/phish credentials, for example. Explain policies with passwords, checking to see that the address of whichever website looks genuine before submitting any information. Stuff that, to you and I, would be fairly common sense.

A heads-up that the results of 'an nmap scan' shouldn't inspire too much confidence. Buggy web apps, misconfigured mail servers, open shares - nmap won't tell you anything about these.
 
1 members found this post helpful.
Old 01-15-2013, 10:20 AM   #3
Laertiades
Member
 
Registered: Jul 2012
Location: Pacific Northwest
Distribution: Arch
Posts: 57

Original Poster
Rep: Reputation: Disabled
thanks

Thank you rmacd. I found your post helpful and will take your advice.
 
  


Reply

Tags
hacking, ip address, network, nmap, security


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Learn how to use nmap, and nmap GUI, a great port scan tool LXer Syndicated Linux News 0 01-03-2008 09:10 AM
nmap scan sucram2g Linux - Security 2 03-18-2006 02:21 AM
Nmap with Idle scan Ephracis Linux - Security 0 12-10-2004 05:08 AM
nmap scan from inside WannaLearnLinux Linux - Software 44 02-01-2004 12:47 AM
nmap scan loganwva Linux - Security 5 02-25-2003 07:16 PM


All times are GMT -5. The time now is 04:57 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration