| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 24 May 2008 16:46:43 +0200 From: Roman Medina-Heigl Hernandez <roman@...labs.com> To: "full-disclosure@...ts.grok.org.uk >> Full Disclosure" <full-disclosure@...ts.grok.org.uk> Subject: Re: AppScan and IDS evasion Pen Testing escribió: > I've launched AppScan against a web application and I'm being > blocked/banned (since I have a dynamic IP I can reboot my router and > get another IP, which is shortly banned again, as long as the attack > persists). Since AppScan doesn't have any kind of IDS evasion (AFAIK), > what could I do? Are you using the default template/policy? Perhaps you could edit it and/or create a new (and more relaxed) one by disabling potentially detectable checks... No idea about which checks you should eliminate... > PS: I don't know which kind of IDS is in use (perhaps it's not a > full-IDS but some anomaly detection as the one included in Checkpoint > FW-1 but I don't have that information). Any of you have more info about the kind of checks FW1 use? -- Saludos, -Roman PGP Fingerprint: 09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742 [Key ID: 0xEAD56742. Available at KeyServ] _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists