pcaptcpdumpnmaptcpreplay

nmap used with tcpreplay questions


i am trying a SYN attack , in a controlled environment.

My process: I started tcpdump process with filters to capture packets from one PC to another, only outgoing packets , I started a nmap process with -sS , I captured the outgoing SYN packets into a pcap file.

Now I am using tcpreplay to send the pcap file with different --pps (packets per second) to see if I can detect anything on the receiving computer.

Question:


Solution

  • I just tried it out and it seems like you can send them over and over again. They do have kind of a livespan (See TTL of IPv4 Packets: https://en.wikipedia.org/wiki/IPv4#TTL), not in terms of time, but in terms of how many hops they've been send trough, so this doesn't affect your question.