Firewall Wizards mailing list archives

RE: How to discover firewall rules


From: Jose Nazario <jose () biocserver BIOC cwru edu>
Date: Thu, 12 Jul 2001 18:34:43 -0400 (EDT)

On Tue, 10 Jul 2001, Scott, Richard wrote:

I'm pretty interested in how this technology works.  Are there any
RFC/IETF/white papers that describe such techniques?

a good place to start is with the 'firewalk' paper and tool on
packetfactory.net.

some of the things that have been kicking around with me lately to
passively and actively identify the presence, nature and rules of a
firewall include:

firewalk style techniques
presence or absence of responses to various traffic
 (ie RSTs, forged resets, nothing, etc...)
the ports some firewalls use for management (easy, yeah, but ...)
watching a heap of network traffic from upstream a chokepoint and
 observing port use (would reveal NAT possibly) and the like

just some ideas i haven't yet really gotten into playing too much with,
but i figure i'd get them out here to see what people can do with them (ie
discard them, adopt them, test them, add to them ...)

enjoy, sorry this note is a couple of days late and the like, i'm away in
vegas ...

____________________________
jose nazario                                                 jose () cwru edu
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards

