Penetration Testing mailing list archives

RE: [PEN-TEST] Detecting the presence of a firewall

From: railwayclubposse () hushmail com
Date: Tue, 15 May 2001 10:49:14 -0500 (EDT)

You get the same results if the default Checkpoint ports are closed. You 
still need to find one or two open ports, but they don't have to be on the 
firewall itself. The giveaway is in how the headers are rewritten for one-
to-many NAT. 

Frank Knobbe [FKnobbe () KnobbeITS com] wrote:

What criteria is nMap using? What would the result be if a) the
well-known-Checkpoint-ports are closed, and b) the default TTL has
been monkied with? (Not you, Doug)

Regards,
Frank

Free, encrypted, secure Web-based email at www.hushmail.com

Current thread:

[PEN-TEST] Detecting the presence of a firewall priya subramanian (May 11)
- RE: [PEN-TEST] Detecting the presence of a firewall Ansar Mohammed (May 14)
  - RE: [PEN-TEST] Detecting the presence of a firewall MadHat (May 14)
- <Possible follow-ups>
- RE: [PEN-TEST] Detecting the presence of a firewall Ansar Mohammed (May 14)
- RE: [PEN-TEST] Detecting the presence of a firewall railwayclubposse (May 14)
- Re: [PEN-TEST] Detecting the presence of a firewall Mule, Andrew (May 14)
  - Re: [PEN-TEST] Detecting the presence of a firewall PinGer (May 16)
- RE: [PEN-TEST] Detecting the presence of a firewall Geoghegan, Glyn (ISS London) (May 14)
- RE: [PEN-TEST] Detecting the presence of a firewall Frank Knobbe (May 14)
- RE: [PEN-TEST] Detecting the presence of a firewall railwayclubposse (May 15)
  - RE: [PEN-TEST] Detecting the presence of a firewall - Layer 2 Lance Spitzner (May 15)
- RE: [PEN-TEST] Detecting the presence of a firewall Balunos, Don (May 15)
- RE: [PEN-TEST] Detecting the presence of a firewall Frank Knobbe (May 15)
- RE: [PEN-TEST] Detecting the presence of a firewall railwayclubposse (May 16)