Penetration Testing mailing list archives
Re: To moderator - disregard my last post
From: Don Parker <dparker () bridonsecurity com>
Date: Mon, 3 Jan 2005 08:18:25 -0800
Hi Bill Well knowing the route to the computer in question will do you little good by using loose source routing to get to it. Pretty much every router will/should have LSRR packets dropped. This is in addition to the f/w probably screening those out as well. With w2k and win xp there was a problem with these packets being accepted and reversing the first hop, but once again these machines are hidden behind the hardened exterior. Also I would imagine the admins would have done the reg tweak to disable the acceptance of these packets at the OS level also. Hope this helps. Cheers, Don -------------------------------------------------------------- Don Parker, GCIA GCIH Intrusion Detection & Incident Handling Specialist Bridon Security & Training Services http://www.bridonsecurity.com voice: 1-613-302-2910 -------------------------------------------------------------- On Sun, 2 Jan 2005 21:23 , 'BillyBob' <billybobknob () hotmail com> sent:
I misunderstood how Paratrace worked. I found a GIAC study on it and now understand it is for mapping subnets NAT'd behind a firewall. It just shows hop count to server I make a valid connection to. What I would like to know is if you can route your packets to another host on the same subnet as webserver by guessing its private IP now that you know the route to it with Loose Source Routing? Thanks for your patience, Bill
Current thread:
- Re: To moderator - disregard my last post Don Parker (Jan 03)