Penetration Testing mailing list archives

RE: identifying
From: "Davis, Scott" <Scott_Davis () troweprice com>
Date: Thu, 31 May 2001 14:39:01 -0400

I am not sure about the PIX, but Checkpoint running on Solaris or NT could
have different timeout values based on the OS. Also, the administrator could
have modified the setting. I know when we build firewalls, we modify the OS
config to reduce the timeout in order to reduce the number of concurrent
connections.

Thanks, 
Scott Davis
Internet Security Specialist
T.Rowe Price 
(410) 345-3153 Work

-----Original Message-----
From: Mr.P.Taylor [mailto:petert () imagine-sw com]
Sent: Wednesday, May 30, 2001 4:47 PM
To: PEN-TEST () securityfocus com
Subject: identifying 


If Checkpoint uses a 60sec timeout for establishing a 3way and PIX
uses a 300sec timeout (which seems too large but it's all the info I could
find on it)
and Gauntlet uses ??? could you not just send
the initial SYN, wait the timeout value, then try to complete the handshake?
After exceeding the timeout value would the socket not be closed and
would you not get a RST back, thus identifying by timeout?


