Apr 23, 2012

Nmap script for "Detect Internet Connection Sharing"

Detects whether the remote device has ip forwarding or "Internet connection
sharing" enabled, by sending an ICMP echo request to a given target using
the scanned host as default gateway.

The given target can be a routed or a LAN host and needs to be able to respond
to ICMP requests (ping) in order for the test to be successful. In addition,
if the given target is a routed host, the scanned host needs to have the proper
routing to reach it.

In order to use the scanned host as default gateway Nmap needs to discover
the MAC address. This requires Nmap to be run in privileged mode and the host
to be on the LAN.
The script is here: http://seclists.org/nmap-dev/2012/q2/att-192/ip-forwarding.nse 

If you like my blog, Please Donate Me

No comments: