Home page logo

pen-test logo Penetration Testing mailing list archives

SPI firewall in between
From: "Itimanth K" <itimanth () gmail com>
Date: Thu, 15 Mar 2007 10:38:16 +0530

Dear list,

Recently we have started working on a black box pen test. And I think
that the IP's which we are given are behind a SPI firewall.

Lets say these are the IP's which my client gave me


when I try to do hping on them, this is what I get

[itimanth () localhost]$ hping2 -S x.x.x.23 -c 1 -p 80 -t 18
HPING x.x.x.23 (eth0 x.x.x.23): S set, 40 headers + 0 data bytes
TTL 0 during transit from ip=x.x.x.23 name=UNKNOWN

[itimanth () localhost]$ hping2 -S x.x.x.23 -c 1 -p 80 -t 19
HPING x.x.x.23 (eth0 x.x.x.23): S set, 40 headers + 0 data bytes
len=46 ip=x.x.x.23 ttl=240 DF id=44266 sport=80 flags=SA seq=0
win=8190 rtt=335.5 ms

This is the case for the other IP too.

I need to find the actual IP for the device which is at hop 18. I
tried running tcpdump along with hping, but I didnt get any clue about
the IP of that device.

Any bright ideas???

Thanx in advance.



This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.


  By Date           By Thread  

Current thread:
  • SPI firewall in between Itimanth K (Mar 18)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]