Penetration Testing mailing list archives
Re: AppScan and IDS evasion
From: Todd Haverkos <fsbo () haverkos com>
Date: Wed, 28 May 2008 23:05:37 -0500
Pen Testing wrote:
> Hello, I've launched AppScan against a web application and I'm being blocked/banned (since I have a dynamic IP I can reboot my router and get another IP, which is shortly banned again, as long as the attack persists). Since AppScan doesn't have any kind of IDS evasion (AFAIK), what could I do?
In addition to the other good suggestions, I'm not sure I saw anyone mention use of SSL. If the application/site listens on both 80 and 443, use of 443 can make your activities opaque to network IPS.

By their nature, web automatic application scanners are far from stealthy. The things they try are very easy to detect with IPS. In order to evade IDS, leveraging encryption would be your best hope; pruning down the scan rate dramatically is something to try while keeping your expectations low, as well as pruning the heck out of the test set.

Good luck!

Best Regards,
--
Todd Haverkos
http://www.linkedin.com/in/toddhaverkos