Penetration Testing mailing list archives

Changing Source Port during Penetration Testing?
From: 09sparky () gmail com
Date: 4 Nov 2006 16:57:41 -0000

Question for PenTester,
Do most of you attempt to change the source port during a standard external Penetration Test/Vulnerability Assessment 
as part of your standard practice?  

If so, how often do you find routers/firewalls that allow for instance port 80, 53, 25, etc allowing you to forward 

I am trying to get a better feel for this concept/practice, but I have been having some trouble.  I am aware that
"nmap -g" option will allow for changing of the source port, but I keep getting similar results back as if I didn't do
it.  I am assuming that the router/firewall is disregarding the changed source port and not allowing it.

Does anyone have any good suggestions, papers, etc as to how I can get a better understanding of this process? I guess 
I would use netcat or fpipe to create a tunnel once I found a way in, but I am still unclear of how that works also.  

Would it be possible for someone to help me out and explain their methodology/process? (Of course the more details the 
better, but I will take what I can get)

Any help would be great,

