Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Firewall Wizards: Re: source port specific port scan

Re: source port specific port scan

From: m p <sumirati_at_yahoo.de>
Date: Mon, 15 Oct 2001 04:39:05 +0200 (CEST)

 --- Rich Wilson <wk633_at_yahoo.com> schrieb:

> Does anyone know of a port scanner that allows you to specify the source
> port?
> I'm trying to test a filter that allows outbound only SMTP. My worry is that
> it is not stateful, and that an attacker using a source port of 25 can bypass
> the filter.
>

Hi Rich,

try nmap with parameter -g <source port>. Excerpt from the man page:
   
 -g <portnumber>
         Sets the source port number used in scans. Many
         naive firewall and packet filter installations make
         an exception in their ruleset to allow DNS (53) or
         FTP-DATA (20) packets to come through and establish
         a connection.

Information about nmap can be found under:
http://www.insecure.org/nmap

I hope that helps

Marc

__________________________________________________________________

Es ist soweit: das Nokia Game beginnt. Sei bereit für das multimediale Abenteuer. Melde dich bis zum 3. November bei http://de.promotions.yahoo.com/info/nokiagame an!
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_nfr.com
http://list.nfr.com/mailman/listinfo/firewall-wizards
Received on Oct 16 2001

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]