Penetration Testing mailing list archives
Auditing boxes with predictable IP Sqeuence(s)
From: "Ralph Los" <RLos () enteredge com>
Date: Mon, 25 Feb 2002 11:47:36 -0500
Hello, On a network I've recently had the pleasure :) to audit I came up with a bunch of hosts which nMap classifies as 'unknown', but with predictable TCP Sqeuence(s). Now...are there any tools out there for either Linux/Win2k that will allow me to exploit this type of 'vulnerability'? These hosts don't return any other open port information, so I'm guessing they're either switches, or routers or VPN concentrators...is there any way to determine which of those it most likely is? Are there any patterns to look for, when determining router/switch/vpn box?? Thanks in advance.....something I don't know and I figured I'd ask... Cheers! ----------------------------------------| Ralph M. Los Sr. Security Consultant and Trainer EnterEdge Technology, L.L.C. rlos () enteredge com (770) 955-9899 x.206 ----------------------------------------| ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Auditing boxes with predictable IP Sqeuence(s) Ralph Los (Feb 25)
- <Possible follow-ups>
- RE: Auditing boxes with predictable IP Sqeuence(s) Aleksander P. Czarnowski (Feb 26)
- RE: Auditing boxes with predictable IP Sqeuence(s) Reidy, Patrick (Feb 26)
- Re: Auditing boxes with predictable IP Sqeuence(s) The Blueberry (Feb 27)
- RE: Auditing boxes with predictable IP Sqeuence(s) Toni Heinonen (Feb 28)