Penetration Testing mailing list archives
[PEN-TEST] RES: [PEN-TEST] Firewalking
From: Cristiano Lincoln Mattos <lincoln () CESAR ORG BR>
Date: Wed, 7 Mar 2001 16:32:23 -0300
Ofir Arkin presented a great paper that he wrote about fingerprinting windows hosts using ICMP at BlackHat W2K this year... it should be avalaible on the BlackHat site, or at http://www.sys-security.com/. Cristiano Lincoln Mattos, SSCP CESAR - Centro de Estudos e Sistemas Avancados do Recife
-----Mensagem original----- De: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM]Em nome de Jan Muenther Enviada em: quarta-feira, 7 de marco de 2001 07:37 Para: PEN-TEST () SECURITYFOCUS COM Assunto: Re: [PEN-TEST] Firewalking Hi,What would be the best way to determine what kind of firewallis running ona server? Especially one that does not give out any banners. TCP-fingerprinting is not possible because there are no obviousopen ports. depends, I'd say. If they pass in (and let out) some ICMP types / codes, you might be able to fingerprint them on that. I think it was either Dragos Riu or Clayton Fiske, but one of them wrote an excellent paper about ICMP fingerprinting. Cheers, Jan -- Radio HUNDERT,6 Medien GmbH Berlin - EDV - j.muenther () radio hundert6 de
Current thread:
- [PEN-TEST] Firewalking Pepijn Vissers (Mar 06)
- Re: [PEN-TEST] Firewalking Tom Vandepoel (Mar 06)
- Re: [PEN-TEST] Firewalking Enno Rey (Mar 06)
- Re: [PEN-TEST] Firewalking Alberto Román (Mar 07)
- Re: [PEN-TEST] Firewalking honoriak (Mar 06)
- Re: [PEN-TEST] Firewalking Ivan Buetler (Mar 07)
- Re: [PEN-TEST] Firewalking Jan Muenther (Mar 07)
- [PEN-TEST] RES: [PEN-TEST] Firewalking Cristiano Lincoln Mattos (Mar 07)
- <Possible follow-ups>
- Re: [PEN-TEST] Firewalking Woch, Wojciech (Mar 08)