Penetration Testing mailing list archives
Re: PenTesting a IPX/SPX Client
From: Rob Shein <shoten () starpower net>
Date: 15 Jul 2002 12:04:15 -0400
The first problem is that you won't be able to connect to it via IPX/SPX over the internet. If you're on the local wire, that is a different story, however. For IPX/SPX attack info, check out Nimrod Mobile Research Centre (www.nmrc.org), and I can attest that you'll find the protocol is far less secure. That said, you'll also find that it's remarkably different from TCP/IP in many ways. Some of the good news includes that it's fantastically simple (technically speaking; the sequence numbers are limited and even usually sequential) to hijack connections, and some of the bad news is that it's so different from TCP/IP that you may not find it easy to exploit. On Mon, 2002-07-15 at 08:03, st0ff st0ff wrote:
hello, i have to pentest a nt client. there is tcp/ip as well as ipx/spx installed. An ip-filter prevents accessing the box using tcp/ip. is there a possibility to do it over ipx? are there scanner-tools available like nmap? thanks 4 all answers if0ff __________________________________________________ Do You Yahoo!? Yahoo! Autos - Get free new car price quotes http://autos.yahoo.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
################################################################# ################################################################# ################################################################# ##### ##### ##### ################################################################# ################################################################# ################################################################# ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- PenTesting a IPX/SPX Client st0ff st0ff (Jul 15)
- Re: PenTesting a IPX/SPX Client Rob Shein (Jul 15)
- Re: PenTesting a IPX/SPX Client Jacek Lipkowski (Jul 16)