Re: How to tweak tools against targets that block ICMP

[Jacky Jack <jacksonsmth698 () gmail com>]

I'm sure that you didn't get up what I mean.

I'm asking after viewing all tool's available options.

Let's move on.

Here's how Tool A works against Target A.

1. Detect if Target A is alive by sending Ping probe
2. Target A's firewall drops Ping
3. Tool A thinks Target A is dead
4. Tool A issues 'warning' to user 'Unable to Connect Target A'

The only way I can think of is to spoof "incoming ICMP Response" from Target A.
Do you know how to do this in a timely manner to fool Tool A into
thinking Target A is alive?

Thanks.

On Tue, Jul 20, 2010 at 1:03 AM, Adam Mooz <adam.mooz () gmail com> wrote:
> If you're on a 'nix machine with iptables you could always write a
> rule which blocks all outgoing ICMP packets.  Of course they could
> require the results to determine how best to proceed...
>
> ----------------------------------------------------------
> Adam Mooz
> Website: http://www.adammooz.com
>
>
>
>
> On Mon, Jul 19, 2010 at 1:28 PM, Ansgar Wiechers
> <bugtraq () planetcobalt net> wrote:
> > On 2010-07-17 Jacky Jack wrote:
> > > Some tools/scanners first send ICMP packet before they do their job.
> > >
> > > So, for some hosts which block such packets, I have no idea on how to
> > > use those tools.
> > >
> > > How can I tweak it so that I can use it?
> > >
> > > I refer to to the closed-source tools/scanners.
> >
> > Read the documentation to find out if they provide and option to prevent
> > this behavior. Don't use them unless they do.
> >
> > Regards
> > Ansgar Wiechers
> > --
> > "All vulnerabilities deserve a public fear period prior to patches
> > becoming available."
> > --Jason Coombs on Bugtraq
> >
> > ------------------------------------------------------------------------
> > Securing Apache Web Server with thawte Digital Certificate
> > In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
> > how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
> > purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
> > set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
> > certificates.
> >
> > http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> > ------------------------------------------------------------------------
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
> how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
> purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
> set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
> certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> ------------------------------------------------------------------------

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------