Penetration Testing mailing list archives
Re: firewalk and nmap
From: "fatb" <fatb () security zz ha cn>
Date: Thu, 18 Aug 2005 23:43:45 +0800
I thought the two results are the same means. if a "closed" port run some daemon to listen any incoming request,it means "open". at this time,the hacker will make use of the "closed" port to bind a shell. ----- Original Message ----- From: "Christian Perst" <chris_perst () gmx de> To: <pen-test () securityfocus com> Sent: Wednesday, August 17, 2005 2:53 PM Subject: firewalk and nmap
Hi list, three years ago I could read that firewalk is for better use for testing ACLs on firewalls compared to nmap. Today I can test with nmap if a port on a machine is open (Syn - Syn-ack), closed or unfiltered (Syn - Rst-ack) and filterd (Syn - nothing). If firewalk does the scan on the firewall in front of the server I get open, closed and filtered. Isn't the closed port from nmap the same as an open port on the firewall? e.g. -->-------------FW--------------Server open 22 80 ports: 80 nmap will show: 22 closed 80 open .. filtered firewalk: 22 A! open (port not listen) 80 A! open (port listen) .. *no response* If a port with nmap is closed, it surely is not filterd by the FW, since I get a RST back. So is there a difference anymore? Are there any settings where firewalk can take advantage of? Thanks, Chris ------------------------------------------------------------------------------ FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't Learn the hacker's secrets that compromise wireless LANs. Secure your WLAN by understanding these threats, available hacking tools and proven countermeasures. Defend your WLAN against man-in-the-Middle attacks and session hijacking, denial-of-service, rogue access points, identity thefts and MAC spoofing. Request your complimentary white paper at: http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801 -------------------------------------------------------------------------------
Current thread:
- firewalk and nmap Christian Perst (Aug 17)
- Re: firewalk and nmap fatb (Aug 18)
- <Possible follow-ups>
- RE: firewalk and nmap Irene Abezgauz (Aug 18)