From: James Fryman (jfryman@gmail.com)
Date: Wed Jun 07 2006 - 14:35:47 EDT
You could spoof your packets to match the IP's of the internal network,
but you cannot expect to get them back... the best you could hope for is
some sort of internal DoS attack, or an exploit with a payload that
would return to your external address... assuming that the firewall
allows RFC1918 address inside.
.:: On 06/06/2006 07:12 PM - kratzer.jason@gmail.com wrote ::.
> Yes, I do know the range of IP addresses on the inside. I even could gain access to the internal network without bypassing the firewall if I really wanted, but as I am trying to replicate a hacker's approach, I would like to enumerate as much information as possible without using my prior knowledge of the network.
>
>
> I do not believe that the filtering rules in place on the firewall are very good, this is simply assumed based upon other security practices in place. If the firewall does not block RCF1918 addresses, would it be possible at all to firewalk information regarding the internal network? Thanks in advance as you've been very helpful in my research thus far.
>
>
> --Jason Kratzer
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
> Choice Award from eWeek. As attacks through web applications continue to rise,
> you need to proactively protect your applications from hackers. Cenzic has the
> most comprehensive solutions to meet your application security penetration
> testing and vulnerability management needs. You have an option to go with a
> managed service (Cenzic ClickToSecure) or an enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
> help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at request@cenzic.com for details.
> ------------------------------------------------------------------------------
>
-- ------------------------- James Fryman E-Mail : jfryman@gmail.com Cell : 757.812.3126 GnuPG : 0xDAE2C750 ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request@cenzic.com for details. ------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:03 EDT