How to detect and bypass network protection systems
The basic function of Nmap is to generate custom packets and analyze their response once they are sent to the remote hosts. This sometimes is not allowed by network protection systems such as firewalls and intrusion prevention and detection systems. In this recipe, we will discuss some of the methods that can be used to bypass these protections:
-f
(Fragment packets): Most firewalls perform stateful and stateless packet inspection for which they examine the content of the packets and decide whether to allow the packet or drop it based on its contents. In order to bypass this, Nmap provides an option to fragment the packets so that the network device will not be able to construct the packet to read the correct contents, thereby bypassing the protection.--mtu
(Maximum transmission unit specification): This works similar to the preceding method of creating packets of different sizes. With MTU you can specify the packet size in multiples of...