Penetration Testing mailing list archives
RE: Firewalking query
From: BSK <bishan4u () yahoo co uk>
Date: Wed, 19 Oct 2005 06:43:49 +0100 (BST)
Dear Clement & Group, I think I haven't made myself clear. There is a third IP address which is a Firewall (probably Cisco PIX, from current results) that need to be assessed apart from the PT on 2 web servers. Now one of the servers is behind this firewall and other I'm not able to make out the location. On of the points that I want to express to the client is that their firewall is a single point of failure. If the firewall is compromised/DoS/Crashed their one of the webserver will also not be available. The same I cannot say for the second webserver whose details I'm not able to trace. The second webserver I'm not able to firewalk or traceroute using source/destination port 80/tcp, icmp, 53/tcp/udp, 161/udp, 69/tcp. It would be great if i can find out the location of second webserver. thnks bshan ___________________________________________________________ How much free photo storage do you get? Store your holiday snaps for FREE with Yahoo! Photos http://uk.photos.yahoo.com ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Firewalking query BSK (Oct 18)
- <Possible follow-ups>
- RE: Firewalking query BSK (Oct 19)
- RE: Firewalking query Hazel, Scott A. (Oct 19)
- RE: Firewalking query BSK (Oct 20)