-   Linux - Newbie (
-   -   how to simulate external nmap scan from behind gateway (

Laertiades 01-15-2013 09:03 AM

how to simulate external nmap scan from behind gateway
I am trying to analyze my network's vulnerabilities to external hackers. I would like to do this using a computer within the network. Is this possible? Currently I am using nmap to discover open ports. Scans using my external ip address and the router's internal ip address are identical. I assume that the router knows that the probe is coming from within the network. Is there a way to trick it? Thanks for any insights or suggestions.

rmacd 01-15-2013 10:09 AM

Yes, the router knows (via its routing table) who is where. Some routers will allow you to set up a second subnet (with its own set of routes) so it wouldn't be impossible, but unlikely to be very practical.

You're trying to check vulnerabilities on the router itself, or on devices behind the router?

Assuming you've no services accessible from the outside, your best bet is in fact to educate your network users. If there are any 'vulnerabilities', it's uneducated users. Show them the differences between legitimate mail and mail which is looking to steal/phish credentials, for example. Explain policies with passwords, checking to see that the address of whichever website looks genuine before submitting any information. Stuff that, to you and I, would be fairly common sense.

A heads-up that the results of 'an nmap scan' shouldn't inspire too much confidence. Buggy web apps, misconfigured mail servers, open shares - nmap won't tell you anything about these.

Laertiades 01-15-2013 10:20 AM

Thank you rmacd. I found your post helpful and will take your advice.

All times are GMT -5. The time now is 03:33 AM.