Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: AppScan and IDS evasion

From: Todd Haverkos <fsbo () haverkos com>
Date: Wed, 28 May 2008 23:05:37 -0500
Pen Testing wrote:

Hello,

I've launched AppScan against a web application and I'm being
blocked/banned (since I have a dynamic IP I can reboot my router and
get another IP, which is shortly banned again, as long as the attack
persists). Since AppScan doesn't have any kind of IDS evasion (AFAIK),
what could I do?


In addition to the other good suggestions, I'm not sure I saw anyone
mention use of SSL, if the application/site listens on both 80 and
443, use of 443 can make your activities opaque to network IPS.... 

By their nature web automatic application scanners are far from
stealthy.  The things they try are very easy to detect with IPS.  In
order to evade IDS, leveraging encryption would be your best hope,
pruning down the scan rate dramatically is something to try while
keeping your expectations low, as well as pruning the heck out of the
test set.

Good luck! 

Best Regards, 
--
Todd Haverkos  
http://www.linkedin.com/in/toddhaverkos





------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes 
in Securing Web Applications  
Find out now! Get Webinar Recording and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: