Firewall Wizards mailing list archives
Re: nmap on the internal interface of a PIX
From: antirez <antirez () linuxcare com>
Date: Thu, 14 Sep 2000 17:25:09 +0200
On Wed, Sep 13, 2000 at 05:02:45PM -0700, Chris Cappuccio wrote:
nmap has other quirks like this, too, you can't totally take everything it says literally, you have to understand what it's actually doing to make these determinations.... New packet shaping/filtering stuff plays new tricks and nmap would have to compensate for everything to be totally accurate!!!
Or you can use hping2, downloadable at http://www.kyuzz.org/antirez/hping It's simple to write some shell script that reports a lot of information. Expecially with stateful firewalls I found hping useful. To say "this port is filtered" just since you can't get some packet back is too easy. If you want not send a SYN you should try with a SYN/ACK. Some stateful firewall that ignores all other TCP packets (SYN excluded) send back a RST when a SYN/ACK reaches a stateful firewalled port. antirez -- Salvatore Sanfilippo, Open Source Developer, Linuxcare Italia spa +39.049.80 43 411 tel, +39.049.80 43 412 fax antirez () linuxcare com, http://www.linuxcare.com/ Linuxcare. Support for the revolution. _______________________________________________ Firewall-wizards mailing list Firewall-wizards () nfr net http://www.nfr.net/mailman/listinfo/firewall-wizards
Current thread:
- nmap on the internal interface of a PIX Daniel Monjar (Sep 13)
- Re: nmap on the internal interface of a PIX Robert Collins (Sep 14)
- Re: nmap on the internal interface of a PIX Chris Cappuccio (Sep 14)
- Message not available
- Re: nmap on the internal interface of a PIX Daniel Monjar (Sep 16)
- Message not available
- Re: nmap on the internal interface of a PIX antirez (Sep 16)
- <Possible follow-ups>
- RE: nmap on the internal interface of a PIX Keith Morgan (Sep 14)