From: Alexander Klimov (alserkli@inbox.ru)
Date: Fri Jan 04 2008 - 10:08:46 EST
On Thu, 3 Jan 2008, pentestr wrote:
> I am doing a PT for a customer and found that after running nessus
> against the target our IP is getting blocked permanently. I want to show
> this issue to the customer.
> 1. Is there any specific tool that can generate nessus traffic by
> spoofing IPs?
> 2. Is there any tool that can change IP on the fly? While running nessus
> that should change source IP?
>
> The server have only port 80 Open.
I guess you mean TCP/80. Unlike UDP, spoofing source IP of an open TCP
connection is not that easy: you either need to be able to guess
sequence numbers (and then you cannot see what the host has replied to
you), or you need to control network somewhere on the route from
target to the spoofed IP (probably at LAN or at target's ISP)
It is possible to use tor or anonymous HTTP proxy, but it is not
actually "spoofing".
-- Regards, ASK ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:18 EDT