Messages - anUser190

1
Hacking and Security / Anonymous vulnerability scanning
« on: February 15, 2015, 02:12:55 am »
These tutorials are from 2012:

http://www.andrehonsberg.com/article/anonymously-scan-targets-tor-nessus-socat-fedora-16-verne-linux

http://archive.oreilly.com/pub/post/launching_attacks_via_tor.html

What are people doing nowadays? Using VPNs to hide their IP instead? Tor can't handle the ICMP messages but it looks like VPNs can.

How would you prevent Nessus or OpenVAS from sending ICMP?



In those tutorials it looks like they are forwarding one port to one port:
Code:
./socat TCP4-LISTEN:8080,fork SOCKS4:127.0.0.1:10.0.0.1:80,
but don't vulnerability scanners scan many ports? So would other ports still go through the socat tunnel? Thanks.
 




2
Hacking and Security / Re: Vulnerability Scanners
« on: February 15, 2015, 01:41:06 am »
I find that scanners are very noisy and the result is too many false positives, which you spend too much time verifying.

In case of an engagement I'd use scanners as they are "free" in terms of click and run for some hours, while you spend time doing something else and the noise is not a problem if agreed upon. Some engagements require a more under-the-radar approach though.

What do you do instead of using a scanner? nmap to see what ports are open and then version them one at a time, then look up on websites to see if the versions have vulnerabilities?
