From: Ravi (whitehaat@gmail.com)
Date: Mon Dec 31 2007 - 00:29:06 EST
Hi Kish & list,
I'm kinda looking to do a decoy scanning with traffic similar to Nessus.
I understand I can't do decoy scanning with Nessus. So if there is a
tool that could send malicious traffic like Nessus to my target that
would be it!!! I'm basically trying to test a network that blocks my IP
when I scan with Nessus. I want to prove to customer that I can spoof a
source IP that would be blocked by your IPS leading to a DoS issue.
Thax.
Kish Pent wrote:
> Hey ,
>
> You must define what you mean by malicious traffic
> before crafting it, based on which the tool can be
> selected. Your aim is to send malformed packets which
> in other words you're trying to interpret as malicious
> traffic. By the way, nmap is no example for sending
> malicious traffic. Scapy is a very good packet
> crafting tool, and it can be used for subsequent
> port-scanning, protocol analysis, and best of all,
> it's just THE tool for packets. (it can do what hping
> can do for you, it can do what nmap,unicornscan or
> some other tools can do for you)
>
> You might also want to check out the www.secdev.org
> website, Philippe Biondi from EADS has written the
> tool, and given some excellent docs and ppt(s) out
> there.
>
> Cheers :)
> Kish
>
> --- Ravi <whitehaat@gmail.com> wrote:
>
>
>> Hi guys...
>>
>> Can anybody help me in finding a tool like 'nmap-(-D
>> decoy)' which can
>> send some malicious content to a system...
>>
>>
>>
>> Thanks & Regards,
>>
>> Whitehaat
>>
>>
>>
>>
>>
> ------------------------------------------------------------------------
>
>> This list is sponsored by: Cenzic
>>
>> Need to secure your web apps NOW?
>> Cenzic finds more, "real" vulnerabilities fast.
>> Click to try it, buy it or download a solution FREE
>> today!
>>
>> http://www.cenzic.com/downloads
>>
>>
> ------------------------------------------------------------------------
>
>>
>
>
> --
> Kishore, Penetration Tester,
> 17/1,Upstairs,Sarojini St,
> Smart Security, T.Nagar,
> Chennai - 600 017
>
> Phone: 91 98841 80767
>
>
> ____________________________________________________________________________________
> Looking for last minute shopping deals?
> Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping
>
>
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:18 EDT