Penetration Testing mailing list archives
Re: [PEN-TEST] Noisy ou stealthy ?
From: a007 <a007 () isd memonet ru>
Date: Thu, 9 Nov 2000 16:04:57 +0300
Hi Wednesday, November 08, 2000, 7:16:55 PM, you wrote: NG> Hi pen-testers, NG> just a question about methodology. NG> When you are doing some pen-tests, do you use the noisy way (full port NG> range scan, lot of scanning for cgi whitout IDS evasion techniques, NG> brute force attacks on FTP) or the sthealthy one ? NG> I think that the noisy way is easiest (just schedule a Nessus scan , a NG> whisker scan and an ISS scan for the night, read the results and attack) NG> but can't really test the efficacity of corporate defenses. You can modify a source code of nmap to generate the same activity from other hosts not your own. The result of this is absolutely "noisy". Your target can't uderstand who is a real source of activity. If you have access to somebody traffic (for example you have a router or you have a DVB-card and acces to satellite streams) then you can make a tcp-session and nessus (etc...) scan from other hosts not your own. By -- Yevgeny V.Yourkhov e-mail: a007 () isd memonet ru
Current thread:
- [PEN-TEST] Noisy ou stealthy ? Nicolas Gregoire (Nov 09)
- Re: [PEN-TEST] Noisy ou stealthy ? Jose Nazario (Nov 09)
- Re: [PEN-TEST] Noisy ou stealthy ? Iván Arce (Nov 09)
- Re: [PEN-TEST] Noisy ou stealthy ? Greg (Nov 09)
- Re: [PEN-TEST] Noisy ou stealthy ? andy lowton (Nov 11)
- Re: [PEN-TEST] Noisy/stealthy ? N Catlow (Nov 14)
- Re: [PEN-TEST] Noisy ou stealthy ? Don Bailey (Nov 09)
- Re: [PEN-TEST] Noisy ou stealthy ? a007 (Nov 10)
- <Possible follow-ups>
- Re: [PEN-TEST] Noisy ou stealthy ? Eric Lauzon (Nov 09)
- Re: [PEN-TEST] Noisy ou stealthy ? Dunker, Noah (Nov 09)
- Re: [PEN-TEST] Noisy ou stealthy ? Masse, Robert (Nov 09)