<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Penetration Testing: RE: Providers blocking portscans - bad news for pentest?

RE: Providers blocking portscans - bad news for pentest?

From: Alexander Klimov <alserkli_at_inbox.ru>
Date: Tue, 5 Jul 2005 11:11:10 +0300 (IDT)

On Mon, 4 Jul 2005, Erin Carroll wrote:

> The system they have installed has to have a threshold of some sort before a
> block is put into place (x scans per y seconds/minutes etc). Many of the
> portscan tools in use have the ability to stagger or control the frequency
> of probes with timeout variables, parallel host scanning options, and/or
> simultaneous port probes which may help in bypassing the throttle trigger of
> their new filter-bot. Nmap for instance can also modify the delay between
> each probe frame to scan as quickly or as slowly as desired using the
> --scan_delay flag.

OTOH since your client could also have a firewall/IPS which blocks
fast portscans it is a good idea to do slow portscans even from usual
ISP.

-- 
Regards,
ASK

Received on Jul 05 2005

This message: [ Message body ]
Next message: Bénoni MARTIN: "Network audit"
Previous message: Daniele Bellucci: "Re: finding layer 2 network devices"
In reply to: Erin Carroll: "RE: Providers blocking portscans - bad news for pentest?"
Next in thread: RCS: "Re: Providers blocking portscans - bad news for pentest?"
Reply: RCS: "Re: Providers blocking portscans - bad news for pentest?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]