Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Penetration Testing: Re: [PEN-TEST] Firewalking

Re: [PEN-TEST] Firewalking

From: Woch, Wojciech <Woch_W_at_ADMIRAL.FR>
Date: Thu, 8 Mar 2001 11:37:59 +0100

> What would be the best way to determine what kind of firewall is
> running on a server? Especially one that does not give out any
> banners. TCP-fingerprinting is not possible because there are
> no obvious open ports.

If it's a Firewall-1 v4.1 and you hit a Reject rule (one that generates a
RST+ACK from the firewall), within the IP header, the ID field will be 0 and
the original TTL set to 59.
Received on Mar 08 2001

This message: [ Message body ]
Next message: Marco Galimberti: "[PEN-TEST] Common Vulverabilities and Exposures (CVE)"
Previous message: Dario Ciccarone: "Re: [PEN-TEST] Route Poisoning"
Maybe in reply to: Pepijn Vissers: "[PEN-TEST] Firewalking"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]