Re: Firewall Type Fingerprinting

[Alex Fiuvertiz <fiuvertiz () gmail com>]

2009/11/19 Zaki Akhmad <zakiakhmad () gmail com>:
> Hello,
>
> Can we do firewall type fingerprinting? With what tools? I want to
> know the type of the firewall in front of the web server.
>
> --
> Zaki Akhmad
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

Hi,

If everything is properly configured, the correct answer is: You can't
But sometimes you're able to locate an open port which could give you
a clue what kind of fw it is.
If you, contrary to expectation, happen to find an open port, try
connect to it and se if it reveals anything (but just looking at which
port it is and google it, will most likely give you enough
information)

If you're more interested in mapping out the rulebase or/and locating
the fw, then you should read about nmap options, hping, traceroute and
firewalk.

/ AF

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------