Penetration Testing mailing list archives
Blocking Port scans
From: BSK <bishan4u () yahoo co uk>
Date: Mon, 24 Oct 2005 12:34:30 +0100 (BST)
Hello Everyone, Just wanted some feedback from you people. I'm doing a Firewall Assessment for a CISCO PIX firewall. The firewall allows SYN, FIN, NULL and XMAS scans but blocks ACK scans (largely means its a stateful firewall). Now what do we do to block the scans that are allowed. I think it should be easy to block FIN, NULL and XMAS scans but how do we block or limit or workaround a SYN scan. 1 way that I think is probably blocking or limiting the packets from the source (using IDS/IPS) Looking ahead to some ideas, thoughts, hints. thns bshan ___________________________________________________________ To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Blocking Port scans BSK (Oct 24)
- Re: Blocking Port scans Ivan . (Oct 24)
- Re: Blocking Port scans robert (Oct 24)
- Re: Blocking Port scans Justin (Oct 24)
- Re: Blocking Port scans Terry Vernon (Oct 24)
- Re: Blocking Port scans Chris Moody (Oct 25)
- Re: Blocking Port scans Georgi Alexandrov (Oct 26)
- <Possible follow-ups>
- RE: Blocking Port scans Josh Perrymon (Oct 24)
- RE: Blocking Port scans Geelen, Ruud (Oct 31)