
Penetration Testing mailing list archives

Re: [PEN-TEST] Noisy or stealthy?
From: a007 <a007 () isd memonet ru>
Date: Thu, 9 Nov 2000 16:04:57 +0300


Wednesday, November 08, 2000, 7:16:55 PM, you wrote:
NG> Hi pen-testers,

NG> just a question about methodology.

NG> When you are doing some pen-tests, do you use the noisy way (full port
NG> range scan, lot of scanning for cgi without IDS evasion techniques,
NG> brute force attacks on FTP) or the stealthy one ?

NG> I think that the noisy way is easiest (just schedule a Nessus scan , a
NG> whisker scan and an ISS scan for the night, read the results and attack)
NG> but can't really test the efficacy of corporate defenses.

    You can modify the source code of nmap to generate the same
activity from other hosts, not your own. The result of this is
absolutely "noisy". Your target can't understand who is the real source of
    If you have access to somebody's traffic (for example you have a
router, or you have a DVB card and access to satellite streams) then you can
make a TCP session and Nessus (etc...) scan from other hosts, not your own.

Yevgeny V.Yourkhov
e-mail: a007 () isd memonet ru
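The first suggestion in the reply above, making the target see the same probes arrive from several hosts so that the real scanner is hidden among them, is what nmap itself calls a decoy scan (its -D option). The block below is an added example written for this archive page, not code from the original post or from nmap: it hand-builds one raw IPv4/TCP SYN probe per claimed source, shuffles the real source in among the forged ones, keeps TTL, window and header layout identical across all probes so the real packet cannot be picked out by fingerprinting, and verifies both checksums so the forged packets are well-formed. All addresses are constructed from the RFC 5737 documentation ranges; the target, port and decoy list are hypothetical.

```python
# Added example (not from the original post): building a "decoy" SYN scan,
# i.e. one real probe hidden among probes whose IP source address is forged
# to belong to other hosts. Addresses below are constructed from RFC 5737
# documentation ranges; the target and decoys are hypothetical.
import random
import socket
import struct


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum used by the IPv4 and TCP checksums."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def checksum(data: bytes) -> int:
    return (~ones_complement_sum(data)) & 0xFFFF


def build_ipv4_header(src: str, dst: str, payload_len: int, ident: int, ttl: int = 64) -> bytes:
    """20-byte IPv4 header, DF set, protocol TCP, checksum filled in."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, ident, 0x4000,
                      ttl, socket.IPPROTO_TCP, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]


def build_tcp_syn(src: str, dst: str, sport: int, dport: int, seq: int, window: int = 1024) -> bytes:
    """20-byte TCP header with only SYN set; checksum covers the pseudo-header."""
    tcp = struct.pack("!HHIIHHHH", sport, dport, seq, 0, (5 << 12) | 0x02, window, 0, 0)
    pseudo = (socket.inet_aton(src) + socket.inet_aton(dst)
              + struct.pack("!BBH", 0, socket.IPPROTO_TCP, len(tcp)))
    return tcp[:16] + struct.pack("!H", checksum(pseudo + tcp)) + tcp[18:]


def build_decoy_probes(real_src, decoys, dst, dport, seed=None):
    """Return [(claimed_source, raw_packet)] for one port: the real probe plus one
    forged probe per decoy, shuffled so ordering does not reveal the real host.
    Every probe uses the same TTL, window and header layout so the real one
    cannot be picked out by fingerprinting the packet itself."""
    rng = random.Random(seed)
    sources = list(decoys) + [real_src]
    rng.shuffle(sources)
    probes = []
    for src in sources:
        tcp = build_tcp_syn(src, dst, rng.randrange(32768, 61000), dport, rng.getrandbits(32))
        ip = build_ipv4_header(src, dst, len(tcp), rng.getrandbits(16))
        probes.append((src, ip + tcp))
    return probes


def verify_probe(pkt: bytes) -> bool:
    """Recompute both checksums; a correct packet sums to zero in both cases."""
    ip, tcp = pkt[:20], pkt[20:]
    if len(ip) != 20 or len(tcp) != 20 or checksum(ip) != 0:
        return False
    pseudo = ip[12:16] + ip[16:20] + struct.pack("!BBH", 0, ip[9], len(tcp))
    return checksum(pseudo + tcp) == 0


def send_probes(probes, dst):
    """Inject the packets with a raw socket (needs root / CAP_NET_RAW). Replies to
    the forged sources go to the decoys, not to you; only the real probe's
    SYN/ACK or RST comes back, so the result has to be read with a sniffer."""
    s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_RAW)
    s.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)
    for _, pkt in probes:
        s.sendto(pkt, (dst, 0))
    s.close()


if __name__ == "__main__":
    target = "203.0.113.9"   # hypothetical target (RFC 5737 TEST-NET-3)
    probes = build_decoy_probes("10.0.0.5",
                                ["192.0.2.10", "192.0.2.11", "198.51.100.7"],
                                target, 22)
    for src, pkt in probes:
        print(src, len(pkt), "ok" if verify_probe(pkt) else "BAD")
    # send_probes(probes, target)   # only on a network where you may inject traffic
```

Two caveats a tester should keep in mind. The forged packets only leave your network if nothing on the path applies source-address (BCP 38) egress filtering; many providers drop them. And the noise hides you only as long as the decoys look alive: if a decoy address is unrouted or down, the target or its IDS can discard it (for example from ICMP unreachables or ARP failures on a local segment) and the remaining address is yours, so choose decoys that are real, reachable hosts.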
