Re: Changing Source Port during Penetration Testing?

From: warl0ck@metaeye.org
Date: Wed Nov 08 2006 - 09:03:32 EST


Changing source port for scanning or discovering
only has significance if you have a stateless
firewall, i.e., firewalls that do not keep protocol state.

Most of the firewalls and firewall devices are
stateful nowadays, like iptables and the Cisco PIX
firewall.

For example:

Suppose firewalls and routers block your attempts to
scan a host if your port number is above 1023. However, many firewalls and routers allow DNS (port 53) or FTP-Data (port 20) packets through. If you are having difficulties getting past a firewall, try changing your port number to 53 or 20.
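
An added example, not part of the original post: a defender-side audit of the point above, flagging iptables ACCEPT rules that trust a source port without any connection-state match. The ruleset is constructed sample input in iptables-save format, and the function name and the high/medium severity split are this example's own assumptions.

```python
import shlex

# Constructed iptables-save excerpt (sample input, not from the original post).
SAMPLE_RULES = """\
*filter
:INPUT DROP [0:0]
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --sport 20 -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -s 192.0.2.10/32 -p udp -m udp --sport 123 -j ACCEPT
COMMIT
"""

SPORT_OPTS = ("--sport", "--sports", "--source-port")
STATE_OPTS = {"--ctstate", "--state"}   # conntrack match / legacy state match
SCOPE_OPTS = {"-s", "--source", "--dport", "--dports", "-i", "--in-interface"}


def audit_source_port_trust(ruleset: str):
    """Return findings for ACCEPT rules that trust a source port statelessly."""
    findings = []
    for lineno, line in enumerate(ruleset.splitlines(), 1):
        if not line.startswith("-A "):
            continue                     # table headers, policies, COMMIT
        tok = shlex.split(line)
        if "-j" not in tok[:-1] or tok[tok.index("-j") + 1] != "ACCEPT":
            continue
        sport = next((tok[i + 1] for i, t in enumerate(tok[:-1])
                      if t in SPORT_OPTS), None)
        if sport is None or STATE_OPTS & set(tok):
            continue                     # no source-port match, or state-bound
        # No state match: any packet claiming this source port is accepted.
        # Heuristic of this example: extra scoping lowers severity to medium.
        severity = "medium" if SCOPE_OPTS & set(tok) else "high"
        findings.append({"line": lineno, "chain": tok[1], "sport": sport,
                         "severity": severity, "rule": line})
    return findings


if __name__ == "__main__":
    for f in audit_source_port_trust(SAMPLE_RULES):
        print(f"{f['severity']:6} line {f['line']}: {f['rule']}")
```

Rules that pair the source-port match with a conntrack or state match are not reported, since a stateful firewall only accepts such packets as replies to traffic it has already seen.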
