|
Full Disclosure
mailing list archives
Re: AppScan and IDS evasion
From: Roman Medina-Heigl Hernandez <roman () rs-labs com>
Date: Sat, 24 May 2008 16:46:43 +0200
Pen Testing escribió:
I've launched AppScan against a web application and I'm being
blocked/banned (since I have a dynamic IP I can reboot my router and
get another IP, which is shortly banned again, as long as the attack
persists). Since AppScan doesn't have any kind of IDS evasion (AFAIK),
what could I do?
Are you using the default template/policy? Perhaps you could edit it and/or
create a new (and more relaxed) one by disabling potentially detectable
checks... No idea about which checks you should eliminate...
PS: I don't know which kind of IDS is in use (perhaps it's not a
full-IDS but some anomaly detection as the one included in Checkpoint
FW-1 but I don't have that information).
Any of you have more info about the kind of checks FW1 use?
--
Saludos,
-Roman
PGP Fingerprint:
09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742
[Key ID: 0xEAD56742. Available at KeyServ]
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
| 
