Penetration Testing mailing list archives

Re: NAT is present?

From: Felikz <securityfocus () felikz net>
Date: Sun, 11 Sep 2005 19:26:29 +0100

Some firewalls act as proxies as well, e.g. Symantec Enterprise Firewall(formally Raptor). Any ports that are redirected on one of the IPaddresses become open on every external facing IP address, although, onattempting to connect to the port it simply closes.


pinoch0 () gmail com wrote:

I´m pen-testing a subnet, and when i scan the open ports i get something similar to this:

*.*.*.1

PORT    STATE SERVICE
80/tcp  open  http
264/tcp open  bgmp
500/tcp open  isakmp


*.*.*.2
PORT STATE SERVICE

80/tcp  open  http
             https
*.*.*.3

PORT    STATE SERVICE
80/tcp  open  http
             https

All the host of the subnet seems to have http and https open but when i try to connect to it a lot of then don´t back a 
response.
I thing that the .1 (seems to be a router) have NAT and open http and https por all the hosts (up or down) .
Can someone help me?

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:Hackers are concentrating their efforts on attacking applications on yourwebsite. Up to 75% of cyber attacks are launched on shopping carts, forms,login pages, dynamic content etc. Firewalls, SSL and locked-down servers arefutile against web application hacking. Check your website for vulnerabilitiesto SQL injection, Cross site scripting and other web attacks before hackers do!Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------


------------------------------------------------------------------------------

Audit your website security with Acunetix Web Vulnerability Scanner:Hackers are concentrating their efforts on attacking applications on yourwebsite. Up to 75% of cyber attacks are launched on shopping carts, forms,login pages, dynamic content etc. Firewalls, SSL and locked-down servers arefutile against web application hacking. Check your website for vulnerabilitiesto SQL injection, Cross site scripting and other web attacks before hackers do!Download Trial at:


http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

NAT is present? pinoch0 (Sep 11)
- Re: NAT is present? Cedric Blancher (Sep 12)
- Re: NAT is present? Felikz (Sep 12)
- RE: NAT is present? xxradar (Sep 12)
  - Re: NAT is present? Volker Tanger (Sep 14)
    - RE: NAT is present? Philippe Bogaerts (Sep 15)
- <Possible follow-ups>
- RE: NAT is present? Paul Culmsee (Sep 12)