Home page logo

pen-test logo Penetration Testing mailing list archives

Re: Changing Source Port during Penetration Testing?
From: warl0ck () metaeye org
Date: 8 Nov 2006 14:03:32 -0000

Changing source port for scanning or discovering
only has significance if you have a stateless
firewall, i.e firewalls that do not keep protocol state. 

Most of the firewalls and firewall devices are
stateful now days, like the iptables and Cisco PIX

For example.

If firewalls and routers block your attempts to 
scan a host if your port number is above 1023. However, many firewalls and routers allow DNS (port 53) or FTP-Data 
(port 20) packets through. If you are having difficulties getting past a firewall, try changing your port number to 53 
or 20.

This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]