Hacking Etico Gratis ITA - Preparazione eJPT | eWPT | eCPPT -#8 Evasione Firewall e IDS

Introduction

This tutorial guides you through various techniques for firewall and IDS evasion using Nmap, a powerful network scanning tool. These methods are essential for ethical hacking and penetration testing, allowing you to assess network security without triggering alarms. The techniques discussed here are widely used by security professionals to bypass firewalls and improve the effectiveness of penetration testing.

Step 1: Adjusting Maximum Transmission Unit

• Purpose: Modify the size of packets sent to avoid detection by firewalls.
• Command: Use the --mtu option in Nmap.
• Example:

  nmap --mtu <value> <target>
  

• Tip: Experiment with different values to find the optimal packet size that passes through the firewall undetected.

Step 2: Configuring Data Length

• Purpose: Set the length of data packets to be short enough to evade detection.
• Command: Use the --data-length option.
• Example:

  nmap --data-length <length> <target>
  

• Tip: Ensure that the data length is consistent with the type of scan you are conducting.

Step 3: Setting Source Port

• Purpose: Change the source port of packets to avoid identification by firewalls.
• Command: Use the --source-port option.
• Example:

  nmap --source-port <port> <target>
  

• Tip: Randomize the source port for increased stealth.

Step 4: Using Decoy Packets

• Purpose: Confuse intrusion detection systems by sending fake packets along with real ones.
• Command: Use the -D option followed by your IP and decoy IPs.
• Example:

  nmap -D <decoy1>,<decoy2>,<your_IP> <target>
  

• Tip: Include multiple decoy IPs to enhance confusion.

Step 5: Fragmenting Packets

• Purpose: Break packets into smaller fragments to avoid detection.
• Command: Use the -f option.
• Example:

  nmap -f <target>
  

• Tip: Monitor the fragmented packets to ensure they are reassembled correctly on the target.

Step 6: Spoofing MAC Address

• Purpose: Change the MAC address of the packet to avoid being tracked.
• Command: Use the --spoof-mac option.
• Example:

  nmap --spoof-mac <new_mac_address> <target>
  

• Tip: Use a random MAC address to further obscure your identity.

Step 7: Conducting Stealth Scans

• Purpose: Perform scans that do not establish a full TCP connection, minimizing detection.
• Command: Use the -sS option for SYN scan.
• Example:

  nmap -sS <target>
  

• Tip: Pair with other evasion techniques for better results.

Step 8: Controlling Packet Sending Rate

• Purpose: Manage the speed at which packets are sent to avoid triggering alerts.
• Command: Use the --min-rate option.
• Example:

  nmap --min-rate <rate> <target>
  

• Tip: Adjust the rate based on the network’s responsiveness and firewalls in place.

Conclusion

By employing these techniques in Nmap, you can effectively conduct penetration tests while minimizing the risk of detection by firewalls and IDS. Remember to always operate within legal and ethical boundaries when performing security assessments. Experiment with these tools and options to find the best strategies for your specific environment.