Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

Black Box Red Teaming: Proxy, Virtual Private Network or TOR

published on 2021-08-01 10:47:44 UTC by Tashina
Content:

Often when conducting penetration tests, there is a need to carry out full-fledged black box testing. This is where a security professional has to deal with firewalls or other restriction mechanisms on the customer’s end. This can be an interference as penetration testers try executing checks which may be blocked periodically by, for instance, user-agent or IP address.

If there wasn’t a gray or white box testing model and our IP is not whitelisted, what can be done to bypass limitations regulated by a customer? There’s of course the possibility to evade limitations by switching our user-agent and IP address.

When we talk about user-agent, it’s easier as you may only need to install a plugin for your web browser, or switch agent in your script through a particular function. But what about the IP address? Let’s look at the pros and cons of some available methods that you can use to hide your IP address, mask your activities, evade firewalls and bypass bans.

What is a Proxy Server

Proxy servers have several forms.

HTTP relays GET/POST request. It can add your IP address to request header and store your entire history of interaction with the site.

Pros

  • Supported by almost every browser
  • Anonymity (if used properly)
  • DNS query on behalf of server

Cons

  • Works for HTTP protocol only
  • Server history
  • Can filter and replace data with proxy server

For a SOCKS Proxy, the browser will open TCP (sometimes UDP) sockets on the server’s behalf. Depending on the browser, you can also use the local DNS server and the site can track you by issuing a unique name for every request and remembering the addresses from where the DNS queries come.

Pros

  • Anonymity (when used correctly)
  • DNS queries on server’s behalf (Chrome)
  • Can forward an arbitrary TCP connection (for instance, SSH)

Cons

  • DNS queries on client’s behalf (Firefox)
  • Server history
  • Can filter and replace data with proxy server

What is a Virtual Private Network

A VPN allows a user to send and receive any data across public or shared networks. Hence, applications that run on a device across a Virtual Private Network can take advantage from the security, management and functionality of the private network. When using a VPN, the most common solution is an OpenVPN. It provides many features such as the possibility to work through UDP, undergoing NAT using SSL/TLS, split tunnelling and much more.

Pros

  • More reliable
  • Higher capability
  • Better encryption
  • Can be used as a VPN inside a VPN
  • Easier to use with a large number of tools

Cons

  • One IP for everything
  • Takes longer to connect
  • Hard to switch IPs

What is TOR

Tor network is an anonymising technology to help you get access to Tor network along with hiding your real IP address. You can either install the Tor browser or run your Tor service on a remote server used as a proxy.

You can switch your IP by using the option provided in your browser or by restarting your server’s Tor service

Pros

  • Free
  • Easy to use
  • Quick with changing locations and IPs

Cons

  • Anyone on the exit node is able to monitor your traffic
  • You cannot use Tor the same way as proxy. It’s more like the VPN method

Black box penetration test quote

Whether you are looking for a whitebox or blackbox assessment, Aardwolf security can fulfill your requirement. Get in touch today to find out more or use our interactive pen test quote form.

The post Black Box Red Teaming: Proxy, Virtual Private Network or TOR appeared first on Aardwolf Security.

Article: Black Box Red Teaming: Proxy, Virtual Private Network or TOR - published over 3 years ago.

https://aardwolfsecurity.com/black-box-red-teaming-proxy-virtual-private-network-or-tor/   
Published: 2021 08 01 10:47:44
Received: 2023 01 08 19:41:25
Feed: Latest Hacking News
Source: Latest Hacking News
Category: Cyber Security
Topic: Cyber Security
Views: 1

Custom HTML Block

Click to Open Code Editor