Penetration Testing mailing list archives

RE: Auditing boxes with predictable IP Sequence(s)


From: "Aleksander P. Czarnowski" <alekc () avet com pl>
Date: Tue, 26 Feb 2002 10:14:37 +0100

> I came up with a bunch of hosts which nMap classifies as
> 'unknown', but with predictable TCP Sequence(s).

Try passive OS fingerprinting. Personally I like siphon (although its
OS database is a bit outdated, you can easily add new OSes), but
there are other tools. Also run a sniffer and look for connections to your
hosts. If you find one, consider hijacking it. This will also reveal some
open ports.
nmap can be very flexible in port scanning - try packet fragmentation
and source port options (-f and -g). Also try RPC and null scans.
Just my two cents.
Regards,
Alex Czarnowski
AVET INS
