Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Firewall Type Fingerprinting
From: Alex Fiuvertiz <fiuvertiz () gmail com>
Date: Thu, 19 Nov 2009 23:11:59 +0100

2009/11/19 Zaki Akhmad <zakiakhmad () gmail com>:
Hello,

Can we do firewall type fingerprinting? With what tools? I want to
know the type of the firewall in front of the web server.

--
Zaki Akhmad

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------



Hi,

If everything is properly configured, the correct answer is: You can't
But sometimes you're able to locate an open port which could give you
a clue what kind of fw it is.
If you, contrary to expectation, happen to find an open port, try
connect to it and se if it reveals anything (but just looking at which
port it is and google it, will most likely give you enough
information)

If you're more interested in mapping out the rulebase or/and locating
the fw, then you should read about nmap options, hping, traceroute and
firewalk.

/ AF

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]