Pen Testing escribió: > I've launched AppScan against a web application and I'm being > blocked/banned (since I have a dynamic IP I can reboot my router and > get another IP, which is shortly banned again, as long as the attack > persists). Since AppScan doesn't have any kind of IDS evasion (AFAIK), > what could I do?
Are you using the default template/policy? Perhaps you could edit it and/or create a new (and more relaxed) one by disabling potentially detectable checks... No idea about which checks you should eliminate... > PS: I don't know which kind of IDS is in use (perhaps it's not a > full-IDS but some anomaly detection as the one included in Checkpoint > FW-1 but I don't have that information). Any of you have more info about the kind of checks FW1 use? -- Saludos, -Roman PGP Fingerprint: 09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742 [Key ID: 0xEAD56742. Available at KeyServ] _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
