|
Penetration Testing
mailing list archives
RE: Providers blocking portscans - bad news for pentest?
From: Alexander Klimov <alserkli () inbox ru>
Date: Tue, 5 Jul 2005 11:11:10 +0300 (IDT)
On Mon, 4 Jul 2005, Erin Carroll wrote:
The system they have installed has to have a threshold of some sort before a
block is put into place (x scans per y seconds/minutes etc). Many of the
portscan tools in use have the ability to stagger or control the frequency
of probes with timeout variables, parallel host scanning options, and/or
simultaneous port probes which may help in bypassing the throttle trigger of
their new filter-bot. Nmap for instance can also modify the delay between
each probe frame to scan as quickly or as slowly as desired using the
--scan_delay flag.
OTOH since your client could also have a firewall/IPS which blocks
fast portscans it is a good idea to do slow portscans even from usual
ISP.
--
Regards,
ASK
 By Date 
By Thread
Current thread:
- Re: Remote Desktop/Term. Serv Information leakage, (continued)
| 
Intro
