Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: RE: [PEN-TEST] Detecting the presence of a firewall

RE: [PEN-TEST] Detecting the presence of a firewall

From: Balunos, Don <don.balunos_at_analog.com>
Date: Tue, 15 May 2001 11:14:50 -0400

Pls clarify the ff:

Can NMAP crash a Solaris machines running FW-1
by doing UDP scan including port 0...

Regards,
Don

-----Original Message-----
From: Frank Knobbe [mailto:FKnobbe_at_KnobbeITS.com]
Sent: Monday, May 14, 2001 7:36 PM
To: PEN-TEST_at_securityfocus.com
Subject: RE: [PEN-TEST] Detecting the presence of a firewall

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> -----Original Message-----
> From: railwayclubposse_at_hushmail.com
> [mailto:railwayclubposse_at_hushmail.com]
> Sent: Monday, May 14, 2001 11:44 AM
>
> For Checkpoint, use nmap and do a TCP and OS detection scan.
> If they are
> doing one-to-many NAT the machines will be detected as
> "behind a Checkpoint
> Firewall-1 4.1 SP2 Server" or whatever. The firewall itself
> is likely to
> have some combination of TCP ports 256-259, 264-265 open for
> management,
> auth, key exchange, etc.

What criteria is nMap using? What would the result be if a) the
well-known-Checkpoint-ports are closed, and b) the default TTL has
been monkied with? (Not you, Doug)

Regards,
Frank

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
Comment: PGP or S/MIME encrypted email preferred.

iQA/AwUBOwBr75ytSsEygtEFEQIE4wCg+fYkOVgnUUKAJln7YbQYeNM4qzcAoM2u
8LKpwZ4q3fUbsdkz/YFxbDel
=3TZs
-----END PGP SIGNATURE-----
Received on May 15 2001

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos