RE: NAT is present?

["Paul Culmsee" <Paul.Culmsee () pivod com>]

That is very likely a transparent proxy/cache showing that behavior. All HTTP/S traffic, irrespective of the 
destination is being redirected to a cache server. 

Try a HTTP echo command and see if you get output. It may reveal the make of the appliance or cache software.

Regards

Paul

> -----Original Message-----
> From: pinoch0 () gmail com [mailto:pinoch0 () gmail com]
> Sent: Saturday, 10 September 2005 5:01 PM
> To: pen-test () securityfocus com
> Subject: NAT is present?
>
> I´m pen-testing a subnet, and when i scan the open ports i get something
> similar to this:
>
> *.*.*.1
>
> PORT    STATE SERVICE
> 80/tcp  open  http
> 264/tcp open  bgmp
> 500/tcp open  isakmp
>
>
> *.*.*.2
> PORT STATE SERVICE
>
> 80/tcp  open  http
>               https
> *.*.*.3
>
> PORT    STATE SERVICE
> 80/tcp  open  http
>               https
>
> All the host of the subnet seems to have http and https open but when i
> try to connect to it a lot of then don´t back a response.
> I thing that the .1 (seems to be a router) have NAT and open http and
> https por all the hosts (up or down) .
> Can someone help me?


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------