Penetration Testing mailing list archives
RE: Firewalls & SSL
From: "Yoann Le Corvic" <Yoann.LeCorvic () linkvest com>
Date: Wed, 10 Oct 2001 10:03:11 +0200
Hello
1) How do I determine the router and firewall IPs and type of firewalls/router used?
Have you tried the -O option of NMAP, that could at least give you a guess of the OS on which the firewall is running, and at best, the type of firewall
2) How can I bypass the firewall to exploit the open ports on the servers?
The only thing I can think of here is to use packet fragmentation. That worked in the past, but more an more firewalls have fixed the problem
3) How can I exploit secured (SSL) web server?
I would think the same way you would do a not secure one. For example, you can still attempt unicode exploits, wether it is https or not, just replace http by https. Unless they use authentication as well...
Appreciate any useful information from anyone out there........ Thanks, Niumal ===== Niumal Weerasena Mobile : +6 012 - 2112654 Email : niumal () yahoo com __________________________________________________ Do You Yahoo!? NEW from Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. http://geocities.yahoo.com/ps/info1 -------------------------------------------------------------- -------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Firewalls & SSL niumal weerasena (Oct 09)
- <Possible follow-ups>
- RE: Firewalls & SSL Yoann Le Corvic (Oct 10)
- RE: Firewalls & SSL Paul Midian (Oct 10)