Penetration Testing mailing list archives
RE: [PEN-TEST] Detecting the presence of a firewall
From: "Balunos, Don" <don.balunos () analog com>
Date: Tue, 15 May 2001 11:14:50 -0400
Pls clarify the ff: Can NMAP crash a Solaris machines running FW-1 by doing UDP scan including port 0... Regards, Don -----Original Message----- From: Frank Knobbe [mailto:FKnobbe () KnobbeITS com] Sent: Monday, May 14, 2001 7:36 PM To: PEN-TEST () securityfocus com Subject: RE: [PEN-TEST] Detecting the presence of a firewall -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-----Original Message----- From: railwayclubposse () hushmail com [mailto:railwayclubposse () hushmail com] Sent: Monday, May 14, 2001 11:44 AM For Checkpoint, use nmap and do a TCP and OS detection scan. If they are doing one-to-many NAT the machines will be detected as "behind a Checkpoint Firewall-1 4.1 SP2 Server" or whatever. The firewall itself is likely to have some combination of TCP ports 256-259, 264-265 open for management, auth, key exchange, etc.
What criteria is nMap using? What would the result be if a) the well-known-Checkpoint-ports are closed, and b) the default TTL has been monkied with? (Not you, Doug) Regards, Frank -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.8 Comment: PGP or S/MIME encrypted email preferred. iQA/AwUBOwBr75ytSsEygtEFEQIE4wCg+fYkOVgnUUKAJln7YbQYeNM4qzcAoM2u 8LKpwZ4q3fUbsdkz/YFxbDel =3TZs -----END PGP SIGNATURE-----
Current thread:
- RE: [PEN-TEST] Detecting the presence of a firewall, (continued)
- RE: [PEN-TEST] Detecting the presence of a firewall Ansar Mohammed (May 14)
- RE: [PEN-TEST] Detecting the presence of a firewall MadHat (May 14)
- RE: [PEN-TEST] Detecting the presence of a firewall Ansar Mohammed (May 14)
- RE: [PEN-TEST] Detecting the presence of a firewall railwayclubposse (May 14)
- Re: [PEN-TEST] Detecting the presence of a firewall Mule, Andrew (May 14)
- Re: [PEN-TEST] Detecting the presence of a firewall PinGer (May 16)
- RE: [PEN-TEST] Detecting the presence of a firewall Geoghegan, Glyn (ISS London) (May 14)
- RE: [PEN-TEST] Detecting the presence of a firewall Frank Knobbe (May 14)
- RE: [PEN-TEST] Detecting the presence of a firewall railwayclubposse (May 15)
- RE: [PEN-TEST] Detecting the presence of a firewall - Layer 2 Lance Spitzner (May 15)
- RE: [PEN-TEST] Detecting the presence of a firewall Balunos, Don (May 15)
- RE: [PEN-TEST] Detecting the presence of a firewall Frank Knobbe (May 15)
- RE: [PEN-TEST] Detecting the presence of a firewall railwayclubposse (May 16)
- RE: [PEN-TEST] Detecting the presence of a firewall Ansar Mohammed (May 14)