RE: ipforwarding enabled, what can I do

[BOVO Marcelo DICAU <BAIMAB () techint net>]

Vladimir,

Try with a tool which allows source routing (like netcat). I'm not sure but
i think there is a limitation in the number of hops you can specify, so, if
you aren't close enough it won't work.

Hope this help.
Regards

Marcelo

-----Mensaje original-----
De: PUB: Vladimir Parkhaev [mailto:vladimir () arobas NOSPAM net]
Enviado el: Jueves 16 de Agosto de 2001 15:55
Para: PEN-TEST () securityfocus com
Asunto: ipforwarding enabled, what can I do



I am doing a vulnerability assesment for one of our clients. One
of their boxes is a multihomed Solaris server with ipforwarding enabled.
IP addresses are available via snmp with default community string.

I tried to use this box as a gateway to internal network coming
from the Internet without success.  I also looked at source
routing but did not find any tools (Net::RawIP does not seem
to support IP options).

Does anybody know how I can use this box to do routing for me?

Thanks.

-- 
print chr hex for qw +
2D 2D 0A 76 6C 61 64 69 6D 69 72 40 61 72 6F 62 61 73 2E 6E 65 74 0A 44 38
37 44 20 44 32 46 42 20 46 31 36 33 20 46 31 43 31 20 34 32 30 41 20 20 31
44 31 46 20 36 43 42 39 20 31 46 38 39 20 38 35 30 42 20 30 38 44 44 0A +;

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/