[Help Request] Leverage IDS/Firewall IP blocking rule to cause DoS

Hi friends,
I had an idea for a DoS-like attack while being blocked by my target during a scan.

As you know, many network providers use CGNAT to deliver IPv4 connectivity.

When my target’s firewall blocks me during a scan, it’s not just blocking my individual machine (which has a private IP within the CGNAT network), but also all the other devices NATed behind that provider’s specific public IP.

Now, imagine we could cycle through all IP addresses within a certain range, spoof requests using those IP addresses as the source, and simulate scanning activity to trigger the firewall’s IP blocking mechanism. This could effectively isolate the target machine by preventing it from receiving any legitimate connections within that IP range.

Technically, this wouldn't be a traditional DoS attack... But good enough to (self)block traffic to the website.

What do you think? And does any tool already exist for this purpose?
Of course I will need a machine with a public IP for the attack, but that won't be a problem. I wonder if it is still possible nowadays to easily spoof the source IP address.

Cheers
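The collateral blocking described in this post depends on an auto-block rule that trusts the source address of every packet and keeps blocks indefinitely. As a defender-side example added here (not part of the original post), the sketch below only counts sources that completed a TCP handshake, which an off-path sender of spoofed packets cannot do because it never receives the SYN-ACK, expires blocks so a shared CGNAT address recovers, and caps automatic blocks per /24. The event format, thresholds and function names are assumptions, and the sample events are constructed from documentation address ranges.

```python
from collections import defaultdict
from ipaddress import ip_network

WINDOW = 60          # seconds of history considered per source
PORT_THRESHOLD = 5   # distinct ports within WINDOW that count as a scan
BLOCK_TTL = 600      # blocks expire, so a shared CGNAT address recovers
MAX_PER_24 = 3       # at this many active blocks in one /24, defer to review

def decide_blocks(events):
    """events: iterable of (ts, src_ip, dst_port, handshake_done), sorted by ts.
    Returns (blocks, review): blocks maps src_ip -> expiry time,
    review is the set of sources held back for an analyst."""
    seen = defaultdict(list)      # src -> [(ts, port)] from verified sources
    blocks, review = {}, set()
    for ts, src, port, handshake_done in events:
        # Expire old blocks before evaluating the new event.
        for ip in [ip for ip, exp in blocks.items() if exp <= ts]:
            del blocks[ip]
        # A source address is trusted only once the TCP handshake completed;
        # unverified packets (bare SYNs, UDP) never count toward a block.
        if not handshake_done or src in blocks:
            continue
        seen[src] = [(t, p) for t, p in seen[src] if ts - t < WINDOW] + [(ts, port)]
        if len({p for _, p in seen[src]}) < PORT_THRESHOLD:
            continue
        net = ip_network(f"{src}/24", strict=False)
        in_net = sum(1 for ip in blocks
                     if ip_network(f"{ip}/24", strict=False) == net)
        if in_net >= MAX_PER_24:
            review.add(src)       # do not let one range be blocked wholesale
        else:
            blocks[src] = ts + BLOCK_TTL
        seen.pop(src)
    return blocks, review

def sample_events():
    """Constructed sample: one verified scanner, ten unverified sources."""
    ev = [(t, "203.0.113.7", 20 + t, True) for t in range(5)]
    ev += [(10 + i, f"198.51.100.{i}", 20 + p, False)
           for i in range(1, 11) for p in range(5)]
    return ev

if __name__ == "__main__":
    print(decide_blocks(sample_events()))
```
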