Penetration Testing mailing list archives
RE: IPS Testing
From: Clone <c70n3 () yahoo co in>
Date: Tue, 8 Jan 2008 05:36:41 +0000 (GMT)
Pentestr, blocking IP addresses permanently is definitly an issue. You should report to your customer that their IPS should block attacks not attackers (since attackers can spoof IP addresses) List, has anyone come across an IPS that can identify whether an IP is spoofed or not? If there isn't any then blocking IP address is a no no. An attacker can cause DoS by spoofing IP addresses of partners, clients and vendors.
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of pentestr Sent: Thursday, January 03, 2008 3:56 AM To: Pentest Mailinglist Subject: IPS Testing Hi, I am doing a PT for a customer and found that after running nessus against the target our IP is getting blocked permanently. I want to show this issue to the customer. 1. Is there any specific tool that can generate nessus traffic by spoofing IPs? 2. Is there any tool that can change IP on the fly? While running nessus that should change source IP? The server have only port 80 Open. Thank you. Regards. PenTestr.
Now you can chat without downloading messenger. Go to http://in.messenger.yahoo.com/webmessengerpromo.php ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Re: IPS Testing, (continued)
- Re: IPS Testing feel2chat (Jan 09)
- Re: IPS Testing Alexander Klimov (Jan 08)
- Re: IPS Testing Joseph McCray (Jan 08)
- Re: IPS Testing pentestr (Jan 08)
- Re: IPS Testing Daniel Clemens (Jan 15)
- Re: IPS Testing pentestr (Jan 08)
- RE: IPS Testing Maxime Ducharme (Jan 09)
- Re: IPS Testing Mike Gibson (Jan 14)
- Re: IPS Testing José M. Palazón Romero (Jan 15)
- Re: IPS Testing Clone (Jan 22)
- Re: IPS Testing Mike Gibson (Jan 14)
- RE: IPS Testing Jeremiah Brott (Jan 07)
- RE: IPS Testing Clone (Jan 09)