RE: NAT is present?

From: xxradar (xxradar@radarhack.com)
Date: Mon Sep 12 2005 - 02:21:58 EDT

• Next message: Michael Boman: "Re: Assessing a machine with 2 NICs"
• Previous message: Michael Boman: "Re: windows, nessus scanner, and a VPN"
• In reply to: pinoch0@gmail.com: "NAT is present?"
• Next in thread: Volker Tanger: "Re: NAT is present?"
• Reply: Volker Tanger: "Re: NAT is present?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hey,
.1 seems to be a checkpoint firewall (264 is a checkpoint port)
I'm pretty sure that NAT rules in checkpoint can be configured to behave
like this on purpose (or by mistake)

Gr,
xxradar

-----Original Message-----
From: pinoch0@gmail.com [mailto:pinoch0@gmail.com]
Sent: Saturday, September 10, 2005 11:01 AM
To: pen-test@securityfocus.com
Subject: NAT is present?

I´m pen-testing a subnet, and when i scan the open ports i get something
similar to this:

*.*.*.1

PORT STATE SERVICE
80/tcp open http
264/tcp open bgmp
500/tcp open isakmp

*.*.*.2
PORT STATE SERVICE

80/tcp open http
              https
*.*.*.3

PORT STATE SERVICE
80/tcp open http
              https

All the host of the subnet seems to have http and https open but when i try
to connect to it a lot of then don´t back a response.
I thing that the .1 (seems to be a router) have NAT and open http and https
por all the hosts (up or down) .
Can someone help me?

----------------------------------------------------------------------------

--
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for
vulnerabilities to SQL injection, Cross site scripting and other web attacks
before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---
--
No virus found in this incoming message.
Checked by AVG Anti-Virus.
Version: 7.0.344 / Virus Database: 267.10.21/96 - Release Date: 9/10/2005
 
-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.344 / Virus Database: 267.10.21/96 - Release Date: 9/10/2005
 
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Michael Boman: "Re: Assessing a machine with 2 NICs"
• Previous message: Michael Boman: "Re: windows, nessus scanner, and a VPN"
• In reply to: pinoch0@gmail.com: "NAT is present?"
• Next in thread: Volker Tanger: "Re: NAT is present?"
• Reply: Volker Tanger: "Re: NAT is present?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:52 EDT