Home page logo
/

pen-test logo Penetration Testing mailing list archives

SPI firewall in between
From: "Itimanth K" <itimanth () gmail com>
Date: Thu, 15 Mar 2007 10:38:16 +0530

Dear list,

Recently we have started working on a black box pen test. And I think
that the IP's which we are given are behind a SPI firewall.

Lets say these are the IP's which my client gave me

x.x.x.23
x.x.x.24

when I try to do hping on them, this is what I get


[itimanth () localhost]$ hping2 -S x.x.x.23 -c 1 -p 80 -t 18
HPING x.x.x.23 (eth0 x.x.x.23): S set, 40 headers + 0 data bytes
TTL 0 during transit from ip=x.x.x.23 name=UNKNOWN


[itimanth () localhost]$ hping2 -S x.x.x.23 -c 1 -p 80 -t 19
HPING x.x.x.23 (eth0 x.x.x.23): S set, 40 headers + 0 data bytes
len=46 ip=x.x.x.23 ttl=240 DF id=44266 sport=80 flags=SA seq=0
win=8190 rtt=335.5 ms


This is the case for the other IP too.

I need to find the actual IP for the device which is at hop 18. I
tried running tcpdump along with hping, but I didnt get any clue about
the IP of that device.

Any bright ideas???

Thanx in advance.

Regards,

Itimanth

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
  • SPI firewall in between Itimanth K (Mar 18)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]