Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Interesting challenge

From: "Steve Goldsby (ICS)" <sgoldsby () networkarmor com>
Date: Fri, 30 Jan 2004 11:30:24 -0600
Netscreens' for instance, will block hosts that are performing
portscans.  
Teros boxes will also block most 'crafted' layer 7 attacks.

What type of scan are you doing?  

Try doing:  nmap -sS -P0 -p80 

And see what you get.  If you get filtered you're looking at a stateful
box, if you get blocked, I would say there's a proxy in there somewhere.

Steve Goldsby
www.networkarmor.com
 


-----Original Message-----
From: Sanjay K. Patel [mailto:sanjay.patel () rexwire com] 
Sent: Friday, January 30, 2004 10:43 AM
To: pen-test () securityfocus com
Subject: Interesting challenge





We are doing a pen test for a client and have run into a interesting
situation. The client has a server running IIS and Exchange we can get
to it
through a browser but when we try to run Nessus or Eeye Retina against
it,
neither product can find the server. The client is not running any IDS
system has a simple firewall. A port scan revels no open port though
port 80
is open since the server is serving pages.


SKP



------------------------------------------------------------------------
---
------------------------------------------------------------------------
----


---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: