#!/bin/sh
# example stealth scan/ids avoidance - FatBloke
#
# This EXAMPLE script scans a single host without being identified as
# a port scan by an IDS.
# This doesn't mean that the IDS will not notice it !!!
# Honey pots and IDS / PortSentry will pick up unusual ports
#
# example stealth scan/ids avoidance
#  - Alternating source address to confuse the analyst and IDS
#  - Time interval (two seconds) so packets appear unrelated,
#    which makes it time consuming
#
#######################################
# YOU MUST BE IN THE NETWORK $spoofed OR
# on A NETWORK HOP BETWEEN IT -> TARGET
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Reviewer note: from a detection standpoint the evasion is cosmetic.
# The probes are strictly periodic (2 s apart), walk the port range in
# order one port per nmap run, and rotate the source host octet
# deterministically (2..254, then wrap to 2), so a sensor that
# correlates on destination, port sequence and inter-arrival time can
# still reassemble the whole scan. Because the source is spoofed with
# -S, replies go to the spoofed host rather than the scanner, which is
# why the header requires being on that network or on-path.

spoofed=192.9.200   # /24 prefix the spoofed source addresses are drawn from
target=10.0.0.1     # target is the host to be scanned
port=1              # port will be incremented 1-1024
                    # (the loop condition below stops after port 1023)
saddr=2             # saddr is the starting host of the spoofed address

# Send one probe: a single UDP port from the current spoofed source.
# The netcat variant is the original author's alternative, left disabled.
probe_port() {
  # nc -vv -u -w10 -n -z -s 192.9.200.${saddr} $target $port # or
  sleep 2
  nmap -v -n -sU -P0 -e eth0 -p "$port" -S "${spoofed}.${saddr}" "$target"
}

# Advance to the next port and the next spoofed host octet;
# the octet climbs 2..254 and then starts over at 2.
next_probe() {
  port=$((port + 1))
  saddr=$((saddr + 1))
  [ "$saddr" -le 254 ] || saddr=2
}

until [ "$port" -ge 1024 ]; do
  probe_port
  next_probe
done
exit