Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: Re: Firewall bypassing tool

Re: Firewall bypassing tool

From: Michael Katz <mike_at_procinct.com>
Date: Fri, 01 Nov 2002 11:38:23 -0800

At 11/1/2002 03:28 AM, d_fence wrote:

>I read sometime ago about bypassing the firewall filters which block incoming
>(initializing) SYN packets, by sending for example a SYN-FIN packet and
>establishing that way a connection to a blocked port.. Now I`m trying to
>check wether my firewall would let through such packets, and so I`m searching
>for a tool which would does this.. Do you know any such tools?

This seems too obvious, but....

How about Fyodor's nmap? You can obtain it from http://www.insecure.org/nmap.

One of the options for scanning is -sF, which will send SYN-FIN
packets. You can also use -sA, which will send SYN-ACK packets.

There are also tools like hping (http://www.hping.org) which can be used to
test your firewall in a similar manner.

Michael Katz
mike_at_procinct.com
Procinct Security
Received on Nov 03 2002

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos