4. Scan beyond Firewalls and IDS
IDSs and firewalls are efficient security mechanisms; however, they still have some security limitations. You may be required to launch attacks to exploit these limitations using various IDS/firewall
Techniques to evade IDS/firewall:
Packet Fragmentation: Send fragmented probe packets to the intended target, which reassembles them only after receiving all the fragments
Source Routing: Specify the routing path that the malformed packet takes to reach the intended target
Source Port Manipulation: Replace the actual source port with a common source port (such as 80) to evade IDS/firewall rules that trust that port
IP Address Decoy: Generate, or manually specify, decoy IP addresses so that the IDS/firewall cannot determine which address is the actual source
IP Address Spoofing: Change the source IP address so that the attack appears to come from someone else
Creating Custom Packets: Send custom-crafted packets to scan the intended target beyond the firewall
Randomizing Host Order: Scan the hosts in the target network in a random order to reach the intended target lying beyond the firewall
Sending Bad Checksums: Send packets with bad or bogus TCP/UDP checksums to the intended target
Proxy Servers: Use a chain of proxy servers to hide the actual source of a scan and evade certain IDS/firewall restrictions
Anonymizers: Use anonymizers to bypass Internet censors and evade certain IDS and firewall rules
1. Various Firewall Evasion techniques with nmap
Fragmented scan
nmap -f 192.168.18.110
Use common source ports
nmap -g 80 192.168.18.110
The traffic is sent from a common source port (80), so firewall rules that allow that port let it through.
Sending smaller packets to scan
nmap --mtu 8 192.168.18.110
Fragments the packets so that each fragment carries at most 8 bytes of data (the MTU value must be a multiple of 8).
Decoy scan
nmap -D RND:10 192.168.18.110
The decoy scan mixes the actual source IP among ten random decoy IP addresses, hiding the scanner's real identity.
Spoof MAC address (the value 0 makes nmap pick a random MAC)
nmap -sT -Pn --spoof-mac 0 192.168.18.110
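As an added example that is not part of these notes: a standard-library Python checker, run over constructed sample packets, that flags three of the signs a defender can look for in the techniques above: tiny IP fragments (-f / --mtu 8), corrupted TCP checksums (bad-checksum probes), and a well-known source port such as 80 on a SYN to an unrelated service (-g 80). The build_packet helper, the indicator names and the port lists are assumptions of this example, not nmap's own.

```python
import socket, struct

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum over data (zero-padded to an even length)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_packet(src, dst, sport, dport, bad_sum=False, frag_bytes=None):
    """Constructed IPv4+TCP SYN used as sample input; not captured traffic."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x02, 8192, 0, 0)
    pseudo = socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack("!BBH", 0, 6, len(tcp))
    csum = checksum(pseudo + tcp)
    if bad_sum:                      # corrupt it, like a bogus-checksum probe
        csum ^= 0xFFFF
    tcp = tcp[:16] + struct.pack("!H", csum) + tcp[18:]
    flags_frag = 0x4000              # DF set, offset 0: a normal unfragmented packet
    if frag_bytes:                   # first tiny fragment only (nmap -f style): MF set
        tcp, flags_frag = tcp[:frag_bytes], 0x2000
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, flags_frag, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    ip = ip[:10] + struct.pack("!H", checksum(ip)) + ip[12:]
    return ip + tcp

def inspect(pkt: bytes) -> list:
    """Return the evasion indicators seen in one raw IPv4 packet."""
    findings = []
    ihl = (pkt[0] & 0x0F) * 4
    total_len = struct.unpack("!H", pkt[2:4])[0]
    flags_frag = struct.unpack("!H", pkt[6:8])[0]
    proto, src, dst = pkt[9], pkt[12:16], pkt[16:20]
    more_frags, offset = flags_frag & 0x2000, flags_frag & 0x1FFF
    if more_frags or offset:
        findings.append("ip-fragment")
        if more_frags and total_len - ihl <= 8:   # -f / --mtu 8 sized fragments
            findings.append("tiny-fragment")
        return findings                           # no whole TCP header to verify
    if proto == 6:
        tcp = pkt[ihl:total_len]
        sport, dport = struct.unpack("!HH", tcp[:4])
        pseudo = src + dst + struct.pack("!BBH", 0, 6, len(tcp))
        if checksum(pseudo + tcp) != 0:           # a valid segment folds to zero
            findings.append("bad-tcp-checksum")
        if sport in (80, 53) and dport not in (80, 443, 53):   # -g 80 style
            findings.append("common-source-port")
    return findings
```

Feed real captures to inspect() one IPv4 packet at a time; the decoy and random-host-order techniques need per-source rate tracking across many packets, which this single-packet check does not attempt.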

2. Colasoft Packet Builder to avoid AV
3. Custom packet in Hping3
hping3 --udp --rand-source --data 500 192.168.18.110
hping3 -S -p 80 -c 5 192.168.18.110
Flood / DDoS with hping3
hping3 192.168.18.110 --flood
4. Browse anonymously with Proxy Switcher
5. Browse anonymously with CyberGhost