Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IPS Testing

From: pentestr <pentestr () gmail com>
Date: Sat, 05 Jan 2008 14:04:35 +0530
Hi,
I have achieved this by configuring a Linux iptables Gateway for me. With following configuration. I can run nessus in one of my systems and that will go through this gateway and the packet will show it is coming from the Spoofed IP. 

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERAD
iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT 
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
iptables -t nat -I POSTROUTING -o eth0 -j SNAT --to <spoofed IP>

Discussion/suggestion/advices/etc are welcome.
Regards.
PenTestr.


Hi,
I am doing a PT for a customer and found that after running nessus against the target our IP is getting blocked permanently. I want to show this issue to the customer. 1. Is there any specific tool that can generate nessus traffic by spoofing IPs? 2. Is there any tool that can change IP on the fly? While running nessus that should change source IP? 

The server have only port 80 Open.

Thank you.
Regards.
PenTestr.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: