|
Penetration Testing
mailing list archives
Changing Source Port during Penetration Testing?
From: 09sparky () gmail com
Date: 4 Nov 2006 16:57:41 -0000
Question for PenTester,
Do most of you attempt to change the source port during a standard external Penetration Test/Vulnerability Assessment
as part of your standard practice?
If so, how often do you find routers/firewalls that allow for instance port 80, 53, 25, etc allowing you to forward
traffic?
I am trying to get a better feel for this concept/practice, but I have been having some trouble. I am aware that "nmap
-g" option will allow for changing of the source port, but I keep getting similar results back as if I didn't do it. I
am assuming that the router/firewall is disregarding the changed source port and not allowing it.
Does anyone have any good suggestions, papers, etc as to how I can get a better understanding of this process? I guess
I would use netcat or fpipe to create a tunnel once I found a way in, but I am still unclear of how that works also.
Would it be possible for someone to help me out and explain there methodology/process? (Of course the more details the
better, but I will take what I can get)
Any help would be great,
Thanks,
Sparky
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
- Changing Source Port during Penetration Testing? 09sparky (Nov 04)
|
Intro
