Penetration Testing mailing list archives
[PEN-TEST] NAT / Stateful Packet Inspection Questions
From: Leon Rosenstein <l_rosenstein () MONTELSHOW COM>
Date: Wed, 27 Sep 2000 11:27:40 -0400
Hi everyone.

This is the first time I am posting to this list so please don't flame me if the question sounds insane or is out-of-line. If you feel forced to flame me at least have enough respect to do it in private. I am just curious and seeking knowledge.

I would like to set up a scenario and see what the group thinks. I was trying to help my friend audit his network through a penetration test. I found the firewall impenetrable (at least by me, which does not really say that much) (insert joke about newbies here).

The network has no remote access points (it does not have a VPN or any Dial-Up Servers). It has only a server, router, & firewall. The firewall is doing both NAT and Stateful Packet Inspection (SPI from here on in). There are no rules with the exception of the default (anything going out can go out but nothing can come in unless the firewall has cached or is aware of the potential incoming connection). If the connection comes back in on a different port than the firewall expects (assumes), it will drop the connection.

Is there any way to circumvent this firewall (or any firewalls that employ NAT and SPI as their primary defense mechanisms)? Is there any way to get direct access to the server? I have port scanned the router and found listening ports and remote administration software but I am curious as to how one could circumvent the firewall (if this is done through hijacking the router I would be curious about that also).

I know very talented people in the industry read this list so any help would be much appreciated. Oh and please feel free to respond on list or off.

Thanks in advance

Leon
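The default policy described in the post above, as an added example that is not part of the original message: a simplified Python model of a NAT plus stateful-inspection state table, showing which return packets are admitted and which are dropped. The class and method names are hypothetical, the addresses are constructed from documentation ranges, and real firewalls also track protocol, TCP flags and timeouts.

```python
from dataclasses import dataclass, field

PUBLIC_IP = "203.0.113.1"  # constructed address for the firewall's outside interface


@dataclass
class StatefulNat:
    """Toy model: outbound traffic creates state, inbound must match it exactly."""
    next_port: int = 40000
    # (public_port, remote_ip, remote_port) -> (inside_ip, inside_port)
    table: dict = field(default_factory=dict)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        # Default rule: anything may leave. Record the flow and rewrite the source.
        pub_port = self.next_port
        self.next_port += 1
        self.table[(pub_port, dst_ip, dst_port)] = (src_ip, src_port)
        return (PUBLIC_IP, pub_port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        # Admit only packets matching recorded state; None means "drop".
        return self.table.get((dst_port, src_ip, src_port))


def demo():
    fw = StatefulNat()
    # Inside host 10.0.0.5 opens a connection to a web server (constructed flow).
    translated = fw.outbound("10.0.0.5", 1025, "198.51.100.7", 80)
    pub_port = translated[1]
    return {
        "translated": translated,
        # Reply from the expected host and port: forwarded to the inside host.
        "expected_reply": fw.inbound("198.51.100.7", 80, pub_port),
        # Same host, different source port than the state entry: dropped.
        "wrong_port": fw.inbound("198.51.100.7", 8080, pub_port),
        # Different host aiming at the mapped port: dropped.
        "wrong_host": fw.inbound("192.0.2.9", 80, pub_port),
        # Unsolicited packet to a port with no mapping at all: dropped.
        "no_state": fw.inbound("198.51.100.7", 80, pub_port + 1),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```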