Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IPS Testing

From: Alexander Klimov <alserkli () inbox ru>
Date: Fri, 4 Jan 2008 17:08:46 +0200 (IST)
On Thu, 3 Jan 2008, pentestr wrote:

I am doing a PT for a customer and found that after running nessus
against the target our IP is getting blocked permanently. I want to show
this issue to the customer.
1. Is there any specific tool that can generate nessus traffic by
spoofing IPs?
2. Is there any tool that can change IP on the fly? While running nessus
that should change source IP?

The server have only port 80 Open.


I guess you mean TCP/80. Unlike UDP, spoofing source IP of an open TCP
connection is not that easy: you either need to be able to guess
sequence numbers (and then you cannot see what the host has replied to
you), or you need to control network somewhere on the route from
target to the spoofed IP (probably at LAN or at target's ISP)

It is possible to use tor or anonymous HTTP proxy, but it is not
actually "spoofing".

-- 
Regards,
ASK

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: