IP Address Spoofing One effective way an attacker can evade a firewall is to appear as something else, such as a trusted host. Using spoofing to modify address information, the attacker can make the source of an attack appear to come from someplace else rather than the malicious party. Source Routing Using this technique, the … Read more
One of the more interesting systems you will encounter is a honeypot. A honeypot may sound like something out of a Winnie the Pooh book, but it is actually a device or system used to attract and trap attackers that are trying to gain access to a system. However, honeypots are far from being just … Read more
To determine a type of firewall and even a brand, you can use your experience with port scanning and tools to build information about the firewall your target is running. By identifying certain ports, you can link the results to a specific firewall and from that point determine the type of attack or process to … Read more
Not all firewalls or firewall setups are created equal, so you need to be familiar with each setup and how it works. Firewalls can be set up and arranged in several ways, each offering its own advantages and disadvantages. In this section we’ll cover each method. Bastion Host A bastion host is intended to be … Read more
Firewalls are another protective device for networks that stand in the way of a penetration tester or attacker. Firewalls represent a barrier or logical delineation between two zones or areas of trust. In its simplest form an implementation of a firewall represents the barrier between a private and a public network. When discussing firewalls, it … Read more
Signature Detection The first form of detection or recognition is based on signature; this method is also sometimes called misuse detection. The system compares traffic to known models and when matches are found it reports the attack. Pattern matching is the most basic form of detecting and is used in many systems. The process relies … Read more
Another wireless technology to consider is Bluetooth, which is seen in many mobile devices in today’s marketplace. Bluetooth refers to a short-range wireless technology commonly used to connect devices such as headsets, media players, and other types of technologies. Bluetooth operates in the 2.4 GHz frequency range and is designed to work at distances up to … Read more
The subject of wireless cards and chipsets is important. Although in many cases the chipset on the card and the wireless card itself may not matter, some tools require the presence of certain chipsets in order to function. Items to consider include: Operating system in use. Application in use. Whether packet injection is required (Windows … Read more
In order to attack, you must first find a target, and though site surveys can make this easier, they cannot help in every case. Several tools and mechanisms make locating a target network easier. The following are methods that can complement wardriving or be used on their own: OpenSignal is a useful app that can … Read more
Something else you should be aware of when talking about wireless networks is the type of antenna in use. If you are working with consumer-grade access points, this typically is not a big concern as the antenna is built in or provided with these products. However, when working with enterprise and commercial-grade access points you … Read more