Recorded March 29, 2018
Evading Network-Based Detection Mechanisms
In this episode of Tradecraft Security Weekly hosts Beau Bullock (@dafthack) and Mike Felch (@ustayready) discuss methods for evading network-based detection mechanisms. Many commercial IDS/IPS devices do a pretty decent job of detecting standard pentesting tools like Nmap when no evasion options are used. Additionally, companies are doing a better job at detecting and blocking IP addresses performing password attacks. Proxycannon is a tool that allows pentesters to spin up multiple servers to proxy attempts through to bypass some of these detection mechanisms.
Links: Nmap Evasion Options - https://nmap.org/book/man-bypass-firewalls-ids.html ProxyCannon - https://www.shellntel.com/blog/2016/1/14/update-to-proxycannon