-
In tcp/ip loopback is a separate entity from your actual IP address, try connecting to your actual address instead of the loopback as its slightly more realistic simulation of a remote attack. You can't really simulate a lot of attacks using this method though, plus it's too easy to accidentally use your access to the box to do stuff you couldn't normally do remotely.
-
-
Not really. THe first part was referring to using own address e.g. 172.16.2 instead of the loopback 127.0.0.1 in local pen testing which you didn't mention, and the second part was elaborating on some examples of why it doesn't work as well to test locally.
-
sorry, you're right, I had been awake for 36 hours when i posted last, I was delerious. I'm good now, though, I slept 14 hours yesterday.