Penetration Testing mailing list archives

RE: hping and firewall testing

From: Eduardo Suzuki <eduardo.ac.suzuki () gmail com>
Date: Sat, 27 Aug 2005 06:57:13 -0300

        Doug,

        Firewalk requires Libnet 1.1.0 to be compiled. It doesn't accept any
version greater than that. Nemesis is another tool that falls into the same
problem (it requires Libnet 1.0.2a).
        Currently there are two versions of Libnet, one hosted at
http://www.packetfactory.net/Projects/Libnet and another one hosted at
http://libnet.sourceforge.net. In this case you need to get the first one.
        HTH.
        Best regards,

        Eduardo Suzuki
        esuzuki_br () pop com br
        Eduardo.AC.Suzuki () gmail com
 

-----Original Message-----
From: Doug Fox [mailto:dfox168 () hotmail com] 
Sent: Friday, August 26, 2005 5:37 PM
To: Steve.Cummings () barclayscapital com; pen-test () securityfocus com
Subject: Re: hping and firewall testing

Hi Steve;

Thanks for your advice.

I am a verrry greeeen *ix person :-(  I have installed libnet at the \root 
of SuSE linux.  However, when I am trying to install Firewalk 5.0 using 
/configure.  It reported that it could not find Libnet 1.1.0.

I realize that it is a Linux question,  I am hoping a fellow subscriber 
could shed light on it.

Thanks,

DF

----- Original Message ----- 
From: <Steve.Cummings () barclayscapital com>
To: <dfox168 () hotmail com>; <pen-test () securityfocus com>
Sent: Friday, August 26, 2005 12:49 PM
Subject: Re: hping and firewall testing


Firewalk would probably be a better tool to look at


-----Original Message-----
From: Doug Fox <dfox168 () hotmail com>
To: pen-test () securityfocus com <pen-test () securityfocus com>
Sent: Fri Aug 26 02:03:49 2005
Subject: hping and firewall testing

hping2 is a feature rich utility.  However it is new to me.  Could you some 
please tell me which syntax(es) could I do to test our firewall externally?

I am trying to use HPING to find out the firewall which nmap and nessus
could not find.

The nmap syntax is nmap -v -sT sV -P0 -O.

Any suggestions/comments/advise are much appreciated.

Many thanks!

DF



------------------------------------------------------------------------
For more information about Barclays Capital, please
visit our web site at http://www.barcap.com.


Internet communications are not secure and therefore the Barclays
Group does not accept legal responsibility for the contents of this
message.  Although the Barclays Group operates anti-virus programmes,
it does not accept responsibility for any damage whatsoever that is
caused by viruses being passed.  Any views or opinions presented are
solely those of the author and do not necessarily represent those of the
Barclays Group.  Replies to this email may be monitored by the Barclays
Group for operational or business reasons.

------------------------------------------------------------------------

Current thread:

hping and firewall testing Doug Fox (Aug 26)
- Re: hping and firewall testing Alvin Oga (Aug 26)
- <Possible follow-ups>
- Re: hping and firewall testing Steve.Cummings (Aug 26)
  - Re: hping and firewall testing Doug Fox (Aug 26)
    - RE: hping and firewall testing Eduardo Suzuki (Aug 27)
- Re: hping and firewall testing Don Parker (Aug 26)