Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: source port specific port scan

From: m p <sumirati () yahoo de>
Date: Mon, 15 Oct 2001 04:39:05 +0200 (CEST)
 --- Rich Wilson <wk633 () yahoo com> schrieb: 


Does anyone know of a port scanner that allows you to specify the source
port? 
I'm trying to test a filter that allows outbound only SMTP.  My worry is that
it is not stateful, and that an attacker using a source port of 25 can bypass
the filter.



Hi Rich,

try nmap with parameter -g <source port>. Excerpt from the man page:
   
 -g <portnumber>
         Sets the source port number used  in  scans.   Many
         naive firewall and packet filter installations make
         an exception in their ruleset to allow DNS (53)  or
         FTP-DATA (20) packets to come through and establish
         a connection. 


Information about nmap can be found under:
http://www.insecure.org/nmap 

I hope that helps

Marc

__________________________________________________________________

Es ist soweit: das Nokia Game beginnt. Sei bereit für das multimediale Abenteuer. Melde dich bis zum 3. November bei 
http://de.promotions.yahoo.com/info/nokiagame an!
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: