Re: Strange server test tool

---

• From: "Xman Security" <xmansecurity@xxxxxxxxx>
• Date: Wed, 22 Feb 2006 17:41:25 -0800

---

Depending on the Server OS you are working on, there are still some
options. But I don't think there are existing tools on this.

If the server is on Linux, a tool like netfilter/iptables might be
helpful to intercept and manipulate the packet before it arrives at
the web server application. I used to working on a similar small
project called divertsocket which has not been updated for the new
kernels.
I believe there are similar tools for Windows as well.

Or, on the other hand, if you have full access to the server, you can
observe the reply TCP handshakes and fake the handshake on your
machine with a packet creating tool.

Regards,
-X


On 2/19/06, Luchino - Samel <samelinux@xxxxxxxxx> wrote:

I think that Christophe Vandeplas have understand me ... and i agree with him.
I need a test tool that request a web page with a spoofed ip and
that's not possible, but i'll look at the tool all of you have write
about.

--
Samel alias Luca

"Close the world,txen eht nepo!"
"You will never break my mind!"
http://s1.bitefight.it/c.php?uid=23270

LinuxUser:410006 eversor:316704 cortana:316705
PGP KeyID: B4234B4B FingerPrint: 46C477C939B3D0366275DB5EAFA77638B4234B4B

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

---

• References:
  • Strange server test tool
    • From: Luchino - Samel

• Prev by Date: DEF CON 14 is now in effect! The Call for Papers is open.
• Next by Date: Re: Finding Virtual ips
• Previous by thread: RE: Strange server test tool
• Next by thread: RE: Strange server test tool
• Index(es):
  • Date
  • Thread

---

Relevant Pages RE: DCOM Security. ... connection to a domain server, ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping carts, ... (Pen-Test) RE: Penetration test of 1 IP address ... You could use a whole sleth of tools on some server, ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Check your website for vulnerabilities to SQL injection, ... Up to 75% of cyber attacks are launched on shopping ... (Pen-Test) Re: ARP Spoofing and Routing ... I would like to know how to go abt spoofing arp caches, ... >What I was trying to do was arpspoof a server so that I could intercept ... Up to 75% of cyber attacks are launched on shopping carts, forms, ... Check your website for ... (Pen-Test) Re: Vulnerability assessment for small business ... Advice them to get a server for heavens sake. ... >Audit your website security with Acunetix Web Vulnerability Scanner: ... >Hackers are concentrating their efforts on attacking applications on ... Cross site scripting and other web attacks before ... (Pen-Test) RE: ARP Spoofing and Routing ... It's pretty nice and very easy to use once you figure out the arp spoofing piece. ... >What I was trying to do was arpspoof a server so that I could intercept ... Up to 75% of cyber attacks are launched on shopping carts, forms, ... Check your website for ... (Pen-Test)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(17)