Nmap and Network Scanning

10.

Firewall and IDS Evasion

10.1.

Evasion Fundamentals

10.1.1.

Detection Mechanisms

10.1.2.

Signature Avoidance

10.1.3.

Behavioral Camouflage

10.2.

Packet Fragmentation (-f)

10.2.1.

IP Fragment Creation

10.2.2.

Fragment Size Control

10.2.3.

Reassembly Challenges

10.3.

Custom MTU (--mtu)

10.3.1.

Maximum Transmission Unit

10.3.2.

Fragment Size Specification

10.3.3.

Network Path Considerations

10.4.

Decoy Scanning (-D)

10.4.1.

Multiple Source IPs

10.4.2.

Decoy Selection Strategies

10.4.3.

Traffic Obfuscation

10.4.4.

Anonymity Considerations

10.5.

Source Port Manipulation

10.5.1.

Source Port Spoofing (-g, --source-port)

10.5.2.

Trusted Port Usage

10.5.3.

Firewall Rule Bypass

10.6.

10.6.1.

Random Data Appending (--data-length)

10.6.2.

Packet Size Variation

10.6.3.

Signature Disruption

10.7.

IP Options Manipulation

10.7.1.

Record Route (--ip-options RR)

10.7.2.

Loose Source Routing (--ip-options L)

10.7.3.

Strict Source Routing (--ip-options S)

10.7.4.

Timestamp Option (--ip-options T)

10.8.

MAC Address Spoofing (--spoof-mac)

10.8.1.

Source MAC Modification

10.8.2.

Local Network Evasion

10.8.3.

Switch Table Manipulation

10.9.

Protocol-Specific Evasion

10.9.1.

TCP Flag Manipulation

10.9.2.

Sequence Number Randomization

10.9.3.

Window Size Variation

10.10.

Timing-Based Evasion

10.10.1.

10.10.2.

10.10.3.

Traffic Pattern Disruption

10.11.

Advanced Evasion Techniques

10.11.1.

10.11.2.

Tor Network Usage

10.11.3.

Previous

9. Timing and Performance Optimization

Go to top

Next

11. Nmap Scripting Engine (NSE)