From: Jamie Riden (jamesr@europe.com)
Date: Tue Nov 07 2006 - 17:45:20 EST
On 7 Nov 2006 13:43:14 -0000, emptybeerkann@gmail.com
<emptybeerkann@gmail.com> wrote:
> You are right. Most firewalls are stateful now, but what if the organization isn't using a firewall? What if they are using a router or some other device instead? This technique once again becomes a viable option.
I would guess the more usual scenario is to have a stateful firewall
on the perimeter, plus maybe some ACLs applied on internal routers.
Still, you're right - trying a few different source ports may help,
and it doesn't hurt to try.
cheers,
Jamie
-- Jamie Riden, CISSP / jamesr@europe.com / jamie.riden@gmail.com NZ Honeynet project - http://www.nz-honeynet.org/ ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:18 EDT