Hi q,
If you happen to know which IDS was in between, please do let us know.
It seems to be a good one :).. kidding
Well... as suggested by Todd, you can try SSL, assuming there is a
NIDS. But if it's a HIDS (running on the target machine), this method
will fail. Coming to your original question, you are trying to do
something that every hacker/cracker is dying to do (probably without
putting in as much effort as they are putting in). So.. if you are authorized
to do this pentest against some web server and if you have a static IP,
you can always ask the administrator not to block your IP.
-sanjay
On Thu, May 29, 2008 at 9:35 AM, Todd Haverkos <fsbo_at_haverkos.com> wrote:
>> Pen Testing wrote:
>>> Hello,
>>>
>>> I've launched AppScan against a web application and I'm being
>>> blocked/banned (since I have a dynamic IP I can reboot my router and
>>> get another IP, which is shortly banned again, as long as the attack
>>> persists). Since AppScan doesn't have any kind of IDS evasion (AFAIK),
>>> what could I do?
>
> In addition to the other good suggestions, I'm not sure I saw anyone
> mention use of SSL, if the application/site listens on both 80 and
> 443, use of 443 can make your activities opaque to network IPS....
>
> By their nature web automatic application scanners are far from
> stealthy. The things they try are very easy to detect with IPS. In
> order to evade IDS, leveraging encryption would be your best hope,
> pruning down the scan rate dramatically is something to try while
> keeping your expectations low, as well as pruning the heck out of the
> test set.
>
> Good luck!
>
> Best Regards,
> --
> Todd Haverkos
> http://www.linkedin.com/in/toddhaverkos
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Top 5 Common Mistakes
> in Securing Web Applications
> Find out now! Get Webinar Recording and PPT Slides
>
> www.cenzic.com/landing/securityfocus/hackinar
> ------------------------------------------------------------------------
>
>
--
Computer Security Learner
Received on May 31 2008