[announcement] Firewalk

mdsES2.NET

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Patrick Oonk: "Re: nestea v2 against freebsd 3.0-Release"
• Previous message: enaydKRYPT.COM: "Printer Sharing and M1CR0S0FT Windows98"

es2.net security advisory                   [CTP enterprise security services]
http://www.es2.net

==============================================================================
title    : gateway port scanning (firewalk)
docket   : 98-01
type     : tool/technique
severity : NIL
authors  : Mike D. Schiffman <mdses2.net>, David H. Goldsmith <dhges2.net>
==============================================================================

                                Firewalking

A traceroute-like analysis of IP packet responses to determine gateway ACLs

Firewalking uses traceroute-like IP packet analysis to determine whether or
not a particular packet can pass from an attacker's host to a destination
host through a packet-filtering device.  This technique can be used to map
'open' or 'pass through' ports on a gateway.  More over, it can determine
whether packets with various control information can pass through a given
gateway.  Also, using this technique, an attacker can map routers behind a
packet-filtering device.

For the complete whitepaper and code:

                http://www.es2.net/research/firewalk

------------------------------------------------------------------------------

Contents of the advisory are Copyright (c) 1998 Cambridge Technology Partners
Enterprise Security Services, Inc.  Distribution is unlimited under the
condition that due credit is given and no fee is charged.

ESS is a division of Cambridge Technology Partners, Inc.

EOF

--
| Mike D. Schiffman <mdses2.net>
| Cambridge Technology Partners, Enterprise Security Services
| What Wondrous Cerebration.

• Next message: Patrick Oonk: "Re: nestea v2 against freebsd 3.0-Release"
• Previous message: enaydKRYPT.COM: "Printer Sharing and M1CR0S0FT Windows98"