Security Basics mailing list archives
Re: How to tweak tools against targets that block ICMP
From: Jacky Jack <jacksonsmth698 () gmail com>
Date: Tue, 20 Jul 2010 17:19:01 +0630
I'm sure that you didn't get up what I mean. I'm asking after viewing all tool's available options. Let's move on. Here's how Tool A works against Target A. 1. Detect if Target A is alive by sending Ping probe 2. Target A's firewall drops Ping 3. Tool A thinks Target A is dead 4. Tool A issues 'warning' to user 'Unable to Connect Target A' The only way I can think of is to spoof "incoming ICMP Response" from Target A. Do you know how to do this in a timely manner to fool Tool A into thinking Target A is alive? Thanks. On Tue, Jul 20, 2010 at 1:03 AM, Adam Mooz <adam.mooz () gmail com> wrote:
If you're on a 'nix machine with iptables you could always write a rule which blocks all outgoing ICMP packets. Of course they could require the results to determine how best to proceed... ---------------------------------------------------------- Adam Mooz Website: http://www.adammooz.com On Mon, Jul 19, 2010 at 1:28 PM, Ansgar Wiechers <bugtraq () planetcobalt net> wrote:On 2010-07-17 Jacky Jack wrote:Some tools/scanners first send ICMP packet before they do their job. So, for some hosts which block such packets, I have no idea on how to use those tools. How can I tweak it so that I can use it? I refer to to the closed-source tools/scanners.Read the documentation to find out if they provide and option to prevent this behavior. Don't use them unless they do. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- How to tweak tools against targets that block ICMP Jacky Jack (Jul 19)
- Re: How to tweak tools against targets that block ICMP Ansgar Wiechers (Jul 19)
- Re: How to tweak tools against targets that block ICMP Adam Mooz (Jul 19)
- Re: How to tweak tools against targets that block ICMP innate one (Jul 19)
- Re: How to tweak tools against targets that block ICMP Pen Testr (Jul 20)
- Re: How to tweak tools against targets that block ICMP Jacky Jack (Jul 20)
- Re: How to tweak tools against targets that block ICMP Adam Mooz (Jul 19)
- Re: How to tweak tools against targets that block ICMP Jacky Jack (Jul 20)
- Re: How to tweak tools against targets that block ICMP Ansgar Wiechers (Jul 20)
- Re: How to tweak tools against targets that block ICMP Ansgar Wiechers (Jul 19)
- Re: How to tweak tools against targets that block ICMP Naruto Uzumaki (Jul 19)
- RE: How to tweak tools against targets that block ICMP Demetris Papapetrou (Jul 22)
- Re: How to tweak tools against targets that block ICMP Jacky Jack (Jul 22)
- RE: How to tweak tools against targets that block ICMP Demetris Papapetrou (Jul 23)
- Re: How to tweak tools against targets that block ICMP Jacky Jack (Jul 23)