Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: Interesting challenge
From: "Steve Goldsby (ICS)" <sgoldsby () networkarmor com>
Date: Fri, 30 Jan 2004 11:30:24 -0600

Netscreens' for instance, will block hosts that are performing
portscans.  
Teros boxes will also block most 'crafted' layer 7 attacks.

What type of scan are you doing?  

Try doing:  nmap -sS -P0 -p80 

And see what you get.  If you get filtered you're looking at a stateful
box, if you get blocked, I would say there's a proxy in there somewhere.

Steve Goldsby
www.networkarmor.com
 


-----Original Message-----
From: Sanjay K. Patel [mailto:sanjay.patel () rexwire com] 
Sent: Friday, January 30, 2004 10:43 AM
To: pen-test () securityfocus com
Subject: Interesting challenge





We are doing a pen test for a client and have run into a interesting
situation. The client has a server running IIS and Exchange we can get
to it
through a browser but when we try to run Nessus or Eeye Retina against
it,
neither product can find the server. The client is not running any IDS
system has a simple firewall. A port scan revels no open port though
port 80
is open since the server is serving pages.


SKP



------------------------------------------------------------------------
---
------------------------------------------------------------------------
----


---------------------------------------------------------------------------
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault