Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Port Scanning.

from [robert] Network Security [Permanent Link]
Subject: Re: Port Scanning.
Date: Wed, 22 Dec 2004 12:17:01 -0800 
DWreck(dwr3ckmailbox-pentest@yahoo.com)@Wed, Dec 22, 2004 at 08:29:08AM

Most IPS admins do not block port scans.  The data is fed to a SIM to
keep a "low priority" eye on who may or may not be profiling you.

Most people using IPS's have them tuned to block nachi type protocol
anomalies etc.


Sure .. but TCP SYN port scanning was just one example.  Any UDP/ICMP
(connectionless) or TCP non-established connection based triggers can be
spoofed with unicornscan as well.  The only thing that isn't currently
easy to do is TCP full connection payload injection from spoofed IP's. 
We're working on a way to do that though :).

Robret

-- 
Robert E. Lee
CTO, Dyad Security, Inc.
W - http://www.dyadsecurity.com
E - robert@dyadsecurity.com
M - (949) 394-2033
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [in] VPN protocols, Curt Purdy
Previous by Thread:  Re: Port Scanning., robert
Next by Thread:  Re: Port Scanning., robert
Indexes:  [Date] [Thread] [Top] [All Lists]