Penetration Testing mailing list archives

Re: IPS Testing

From: "Mark Teicher" <mark.teicher () gmail com>
Date: Mon, 7 Jan 2008 13:54:09 -0500

Wouldn't the easy thing to do is post an email on the various security
lists, stating your organization is evaluating a certain security
appliance with complete IP Addresses and usernames.passwords to your
site, and let the real world determine how the product fairs in your
environment

/mark

On 1/3/08, Joshua Gimer <jgimer () gmail com> wrote:

NetSED - http://www.mirrors.wiretapped.net/security/packet-construction/netsed/netsed-README.txt

You can then run your scan against the remote network and have it
change the source address on the fly.

Josh G.

On Jan 3, 2008, at 1:56 AM, pentestr wrote:

Hi,

I am doing a PT for a customer and found that after running nessus
against the target our IP is getting blocked permanently. I want to
show this issue to the customer.
1. Is there any specific tool that can generate nessus traffic by
spoofing IPs?
2. Is there any tool that can change IP on the fly? While running
nessus that should change source IP?

The server have only port 80 Open.

Thank you.
Regards.
PenTestr.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Current thread:

IPS Testing pentestr (Jan 03)
- Re: IPS Testing Joshua Gimer (Jan 07)
  - Re: IPS Testing pentestr (Jan 08)
    - AW: IPS Testing Jörg Weber (Jan 09)
  - Re: IPS Testing Mark Teicher (Jan 09)
  - Re: IPS Testing feel2chat (Jan 09)
- Re: IPS Testing Alexander Klimov (Jan 08)
- Re: IPS Testing Joseph McCray (Jan 08)
  - Re: IPS Testing pentestr (Jan 08)
    - Re: IPS Testing Daniel Clemens (Jan 15)
- RE: IPS Testing Maxime Ducharme (Jan 09)
  - Re: IPS Testing Mike Gibson (Jan 14)
    - Re: IPS Testing José M. Palazón Romero (Jan 15)
    - Re: IPS Testing Clone (Jan 22)
- <Possible follow-ups>
- RE: IPS Testing Jeremiah Brott (Jan 07)

(Thread continues...)