Penetration Testing mailing list archives
Re: [PEN-TEST] Firewalking
From: Enno Rey <erey () IX URZ UNI-HEIDELBERG DE>
Date: Tue, 6 Mar 2001 22:31:37 +0100
Hi, can you reach systems protected by the fw, e.g. servers in a DMZ? Try to traceroute those systems (from a windows system, as UDP packets used by Unix traceroute probably will be blocked) or firewalk them (www.packetfactory.net/Projects/Firewalk/). Then you'll get packets generated from the fw itself which you can analyze. Have a look at the params of those packets e.g. the ttl [unix: 255-(number of hops) vs. windows: (128-nr. hops)] and others (to be found on paper on ICMP usage for scanning www.sys-security.com/html/papers.html). You could also try different DoS which affect different OSs (jolt2, bubonic.c etc.), though some work only on local subnets and furthermore this may outside the scope of your test ;-)) Regards, Enno Rey erey () security-academy de --- www.security-academy.de PGP 74C0 C7E1 3875 E4EB 9B75 8B9D 5E2D 3178 685B F222
Current thread:
- [PEN-TEST] Firewalking Pepijn Vissers (Mar 06)
- Re: [PEN-TEST] Firewalking Tom Vandepoel (Mar 06)
- Re: [PEN-TEST] Firewalking Enno Rey (Mar 06)
- Re: [PEN-TEST] Firewalking Alberto Román (Mar 07)
- Re: [PEN-TEST] Firewalking honoriak (Mar 06)
- Re: [PEN-TEST] Firewalking Ivan Buetler (Mar 07)
- Re: [PEN-TEST] Firewalking Jan Muenther (Mar 07)
- [PEN-TEST] RES: [PEN-TEST] Firewalking Cristiano Lincoln Mattos (Mar 07)
- <Possible follow-ups>
- Re: [PEN-TEST] Firewalking Woch, Wojciech (Mar 08)