Home page logo

pen-test logo Penetration Testing mailing list archives

RE: IPS Testing
From: Clone <c70n3 () yahoo co in>
Date: Tue, 8 Jan 2008 05:36:41 +0000 (GMT)

Pentestr, blocking IP addresses permanently is
definitly an issue. You should report to your customer
that their IPS should block attacks not attackers
(since attackers can spoof IP addresses)

List, has anyone come across an IPS that can identify
whether an IP is spoofed or not? If there isn't any
then blocking IP address is a no no. An attacker can
cause DoS by spoofing IP addresses of partners,
clients and vendors.

-----Original Message-----
From: listbounce () securityfocus com
[mailto:listbounce () securityfocus com] On Behalf Of
Sent: Thursday, January 03, 2008 3:56 AM
To: Pentest Mailinglist
Subject: IPS Testing


I am doing a PT for a customer and found that after
running nessus 
against the target our IP is getting blocked
permanently. I want to show 
this issue to the customer.
1. Is there any specific tool that can generate
nessus traffic by 
spoofing IPs?
2. Is there any tool that can change IP on the fly?
While running nessus 
that should change source IP?

The server have only port 80 Open.

Thank you.

      Now you can chat without downloading messenger. Go to http://in.messenger.yahoo.com/webmessengerpromo.php

This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]