Re: Nmap/netwag problem.

From: ilaiy (ilaiy.e@gmail.com)
Date: Fri Aug 12 2005 - 18:09:04 EDT


How about ..

http://www.packetfactory.net/firewalk/

./thanks
ilaiy
====================================
http://ilaiy.blogspot.com
http://howiwishihad.blogspot.com/
====================================

On 8/12/05, ankush.kapoor@wipro.com <ankush.kapoor@wipro.com> wrote:
>
> Hping is a pretty good tool. If you seriously feel that the port is
> being filtered at a firewall, give firewalk a shot. The paper explaining
> it is also very informative ;)
>
> Ankush
>
> -----Original Message-----
> From: Paul J Docherty [mailto:PJD@portcullis-security.com]
> Sent: Thursday, August 11, 2005 8:38 PM
> To: Pete Herzog; Kaj Huisman
> Cc: Aleph One; pen-test@securityfocus.com; Security-Basics
> Subject: RE: Nmap/netwag problem.
>
>
> Whilst the points you are making are correct once you have discovered
> open ports, I think you have raced ahead of the question, which was, I
> think, "which port scanner is giving the correct results?" As many
> others have elegantly answered, use a packet sniffer and look at the raw
> data to see what's going on. You have raced ahead and are bordering on
> service discovery rather than port status. As we know, there can be any
> number of filtering devices between the two ends; however, within TCP,
> which is what we are talking about here, an open port will respond to a
> SYN with a SYN/ACK.
>
> As for scan methods, I tend to use both SYN and full (where time
> permits); if time is not the key, I prefer to SYN scan first, then TCP
> Connect.
>
> With regard to answering the questions, you could, if you are not happy
> with the sniffer options, use something like hping2(3) and watch the
> flags, i.e.
>
> hping2 -n -V -S -p (port no.) IP_address
>
> Paul.
>


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:44 EDT