From 179451f485b1b0c4dd8cafc2ef91d3d5da4a4e73 Mon Sep 17 00:00:00 2001 From: henri Date: Sat, 17 Aug 2013 11:47:42 +0000 Subject: [PATCH] Document --proxies option. --- docs/refguide.xml | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/docs/refguide.xml b/docs/refguide.xml index c752f65b7..690d5c928 100644 --- a/docs/refguide.xml +++ b/docs/refguide.xml @@ -3434,6 +3434,44 @@ work properly. + + + Relay TCP connections via a chain of + proxies. + + + proxy + proxies + + + Asks Nmap to establish TCP connections via the supplied chain of + proxies. Connections are + established to the first node of the chain, which is in turn asked to + connect to the second one... to eventually reach the target. This + technique degrades performance, mostly by introducing latency. It is + up to the user to adjust timeouts and other scan parameters + accordingly when invoking nmap. Typically, some proxies might refuse + to handle as many concurrent connections as nmap's default + parallelism. + + The option takes a list of proxies as argument, expressed as + URLs like proto://host:port. Use commas to separate + node URLs of a chain. No authentication is supported yet. Valid + protocols are HTTP and SOCKS4. + + + Warning: this feature is still under development and has + limitations. It is implemented within the nsock library and thus has + no effect on the ping, port scanning and OS discovery phases. Only + NSE and version scan already benefit from this option. Also, SSL + connections are not supported yet, as well as proxy-side DNS + resolving (hostnames are always resolved by nmap). In other words, + the current implementation does not aim to provide strong + anonymity. + + + (Send packets with bogus TCP/UDP checksums)