Penetration Testing mailing list archives

Changing Source Port during Penetration Testing?


From: 09sparky () gmail com
Date: 4 Nov 2006 16:57:41 -0000

Question for pentesters,
Do most of you attempt to change the source port during a standard external Penetration Test/Vulnerability Assessment 
as part of your standard practice?  

If so, how often do you find routers/firewalls that allow, for instance, port 80, 53, 25, etc., allowing you to forward
traffic?

I am trying to get a better feel for this concept/practice, but I have been having some trouble.  I am aware that "nmap 
-g" option will allow for changing of the source port, but I keep getting similar results back as if I didn't do it.  I 
am assuming that the router/firewall is disregarding the changed source port and not allowing it.

Does anyone have any good suggestions, papers, etc as to how I can get a better understanding of this process? I guess 
I would use netcat or fpipe to create a tunnel once I found a way in, but I am still unclear of how that works also.  

Would it be possible for someone to help me out and explain their methodology/process? (Of course, the more details the
better, but I will take what I can get.)


Any help would be great,

Thanks,
Sparky
