Penetration Testing mailing list archives
RE: PIX and ttl
From: Jacek Lipkowski <sq5bpf () acid ch pw edu pl>
Date: Fri, 25 May 2001 20:16:48 +0200 (CEST)
On Thu, 24 May 2001, Jason Lewis wrote:
I am not sure how you identify the PIX. How do you fingerprint servers when
(this is just an example) check for any open smtp ports, if they are behind a pix (any you have 'conduit smtp 25' or something like this in the config file, which most people do), it will say: 220 SMAP (and some other crap)
you don't know what the servers are or if they are behind a PIX?
usually you don't have to (if by fingerprinting you mean nmap -O), they usually give out way too much information anyway. check the http server banner for starters, see if there is any ssh installed, try to get some mail relayed through their mailserver, like a mail delivery notofication, preferably to postmaster or webmaster asking some stupid question. by now you usually know if it is unix or nt. dig deeper... jacek
Current thread:
- PIX and ttl Fernando Cardoso (May 24)
- RE: PIX and ttl Jason Lewis (May 25)
- RE: PIX and ttl Fernando Cardoso (May 25)
- Re: PIX and ttl Konstantin Rozinov (May 27)
- RE: PIX and ttl Jacek Lipkowski (May 25)
- RE: PIX and ttl Jason Lewis (May 26)
- RE: PIX and ttl Fernando Cardoso (May 25)
- <Possible follow-ups>
- Re: PIX and ttl Fabio Pietrosanti (naif) (May 25)
- RE: PIX and ttl Fernando Cardoso (May 25)
- Re: PIX and ttl Nelson Brito (May 26)
- RE: PIX and ttl Fernando Cardoso (May 25)
- Re: RE: PIX and ttl Fernando Cardoso (May 28)
- RE: RE: PIX and ttl Filipe Almeida (May 28)
- RE: RE: PIX and ttl Dario Ciccarone (May 28)
- RE: RE: PIX and ttl Filipe Almeida (May 28)
- Re: RE: RE: PIX and ttl Fernando Cardoso (May 28)
- Re: RE: RE: PIX and ttl Eugene Tsyrklevich (May 29)
- Re: RE: RE: PIX and ttl Fernando Cardoso (May 28)
- RE: PIX and ttl Jason Lewis (May 25)