Question about PenTesting and Nmap 03-09-2018, 08:05 PM
#1
Hello, i am doing some research on a few interesting topics about security and i have a question to ask.
Nmap provides a few tools and techniques that can be use to "evade" a firewall. Correct me if i am wrong but those techniques only work if the target's firewall is misconfigured. So what does a professional PenTester do if the firewall is not misconfigured or if he cannot "evade" said firewall? Are there other ways to port scan? Or does he not port scan at all and simply tries a different approach? And if so, what kind of approach?
You do not need to give me a tutorial, i am asking this for educational purposes so i only need "theory" not "practice". Thank you very much
!
Nmap provides a few tools and techniques that can be use to "evade" a firewall. Correct me if i am wrong but those techniques only work if the target's firewall is misconfigured. So what does a professional PenTester do if the firewall is not misconfigured or if he cannot "evade" said firewall? Are there other ways to port scan? Or does he not port scan at all and simply tries a different approach? And if so, what kind of approach?
You do not need to give me a tutorial, i am asking this for educational purposes so i only need "theory" not "practice". Thank you very much
!
Ordet är början på alla.
![[+]](https://sinister.ly/images/modern/collapse_collapsed.png)