chevron_left chevron_right
Login Register invert_colors photo_library
Thread Rating:
  • 0 Vote(s) - 0 Average


filter_list Question about PenTesting and Nmap
Author
Message
Question about PenTesting and Nmap #1
Hello, i am doing some research on a few interesting topics about security and i have a question to ask.

Nmap provides a few tools and techniques that can be use to "evade" a firewall. Correct me if i am wrong but those techniques only work if the target's firewall is misconfigured. So what does a professional PenTester do if the firewall is not misconfigured or if he cannot "evade" said firewall? Are there other ways to port scan? Or does he not port scan at all and simply tries a different approach? And if so, what kind of approach?

You do not need to give me a tutorial, i am asking this for educational purposes so i only need "theory" not "practice". Thank you very much Biggrin !
Ordet är början på alla.

Reply

RE: Question about PenTesting and Nmap #2
Many of the firewall evasion techniques nmap provides don't rely so much on "misconfiguration" as they do a lack of a security control(s) being in place. Fragmented packets will only bypass things that don't queue IP fragments, decoy cloaking only bypasses stuff that doesn't implement router path tracing (and a couple other things), spoofing the source port only works on things that allow all traffic through whatever port you specified, etc etc etc.

You can learn about all of this stuff here - https://nmap.org/book/man-bypass-firewalls-ids.html
(This post was last modified: 03-13-2018, 06:36 PM by x n.)

[+] 1 user Likes x n's post
Reply






Users browsing this thread: 1 Guest(s)