Bugtraq mailing list archives
[announcement] Firewalk
From: mds () ES2 NET (mds () ES2 NET)
Date: Tue, 27 Oct 1998 16:03:09 -0800
es2.net security advisory [CTP enterprise security services] http://www.es2.net ============================================================================== title: gateway port scanning (firewalk) docket: 98-01 type: tool/technique severity: NIL authors: Mike D. Schiffman <mds () es2 net>, David H. Goldsmith <dhg () es2 net> ============================================================================== Firewalking A traceroute-like analysis of IP packet responses to determine gateway ACLs Firewalking uses traceroute-like IP packet analysis to determine whether or not a particular packet can pass from an attacker's host to a destination host through a packet-filtering device. This technique can be used to map 'open' or 'pass through' ports on a gateway. More over, it can determine whether packets with various control information can pass through a given gateway. Also, using this technique, an attacker can map routers behind a packet-filtering device. For the complete whitepaper and code: http://www.es2.net/research/firewalk ------------------------------------------------------------------------------ Contents of the advisory are Copyright (c) 1998 Cambridge Technology Partners Enterprise Security Services, Inc. Distribution is unlimited under the condition that due credit is given and no fee is charged. ESS is a division of Cambridge Technology Partners, Inc. EOF -- | Mike D. Schiffman <mds () es2 net> | Cambridge Technology Partners, Enterprise Security Services | What Wondrous Cerebration.
Current thread:
- [announcement] Firewalk mds () ES2 NET (Oct 27)