Penetration Testing mailing list archives

RE: NAT is present?

From: "xxradar" <xxradar () radarhack com>
Date: Mon, 12 Sep 2005 08:21:58 +0200

Hey,
.1 seems to be a checkpoint firewall (264 is a checkpoint port)
I'm pretty sure that NAT rules in checkpoint can be configured to behave
like this on purpose (or by mistake)


Gr,
xxradar

-----Original Message-----
From: pinoch0 () gmail com [mailto:pinoch0 () gmail com] 
Sent: Saturday, September 10, 2005 11:01 AM
To: pen-test () securityfocus com
Subject: NAT is present?

I´m pen-testing a subnet, and when i scan the open ports i get something
similar to this:

*.*.*.1

PORT    STATE SERVICE
80/tcp  open  http
264/tcp open  bgmp
500/tcp open  isakmp


*.*.*.2
PORT STATE SERVICE

80/tcp  open  http
              https
*.*.*.3

PORT    STATE SERVICE
80/tcp  open  http
              https

All the host of the subnet seems to have http and https open but when i try
to connect to it a lot of then don´t back a response.
I thing that the .1 (seems to be a router) have NAT and open http and https
por all the hosts (up or down) .
Can someone help me?

----------------------------------------------------------------------------
--
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for
vulnerabilities to SQL injection, Cross site scripting and other web attacks
before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---


--
No virus found in this incoming message.
Checked by AVG Anti-Virus.
Version: 7.0.344 / Virus Database: 267.10.21/96 - Release Date: 9/10/2005
 

-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.344 / Virus Database: 267.10.21/96 - Release Date: 9/10/2005
 


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

NAT is present? pinoch0 (Sep 11)
- Re: NAT is present? Cedric Blancher (Sep 12)
- Re: NAT is present? Felikz (Sep 12)
- RE: NAT is present? xxradar (Sep 12)
  - Re: NAT is present? Volker Tanger (Sep 14)
    - RE: NAT is present? Philippe Bogaerts (Sep 15)
- <Possible follow-ups>
- RE: NAT is present? Paul Culmsee (Sep 12)