Re: Testing F5 3DNS

From: Philippe Biondi (phil@secdev.org)
Date: Wed Jul 28 2004 - 18:17:53 EDT

• Next message: Vinicius Moreira Mello: "RE: Website search engine is a hacking tool.."
• Previous message: Mark Curphey: "RE: Website search engine is a hacking tool.."
• In reply to: wnorth: "Testing F5 3DNS"
• Next in thread: Max Enders: "Re: Testing F5 3DNS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Sat, 24 Jul 2004, wnorth wrote:

> So, I found something interesting during a pen test of an F5 3DNS device.
> Just doing a simple UDP port scan against the device and sourcing my port as
> udp/53 I was able to see all of the UDP services running. The next step
> would have been to try and test these services by keeping my source port as
> UDP/53. Anyone know of a way to do this, something like testing SNMP by
> sourcing as UDP/53, or some other test.

On linux, just use SNAT :
iptables -t nat -A POSTROUTING -d <target> -p udp -j SNAT --to <src>:53

-- 
Philippe Biondi <phil@ secdev.org>      SecDev.org
Security Consultant/R&D                 http://www.secdev.org
PGP KeyID:3D9A43E2  FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2

• Next message: Vinicius Moreira Mello: "RE: Website search engine is a hacking tool.."
• Previous message: Mark Curphey: "RE: Website search engine is a hacking tool.."
• In reply to: wnorth: "Testing F5 3DNS"
• Next in thread: Max Enders: "Re: Testing F5 3DNS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:58 EDT