|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
ICMP TYPE 3
From: gr00vy (groovy2600
yahoo.com.ar)
Date: Fri Sep 12 2003 - 23:00:26 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
While I was doing some researching work I ping a broadcast ip address
and for my surprise i recieve an extrange response:
FIRST RESPONSE:
Internet Protocol, Src Addr: 200-70-xxx-164.rse.com.ar (200.70.xxx.164),
Dst Addr: 200-70-xxx-121.rse.com.ar (200.70.xxx.121)
Internet Control Message Protocol
Type: 0 (Echo (ping) reply)
Code: 0
SECOND RESPONSE:
Internet Protocol, Src Addr: 172.xxx.230.242 (172.xxx.230.242), Dst
Addr: 200-70-xxx-121.rse.com.ar (200.70.xxx.121)
Internet Control Message Protocol
Type: 3 (Destination unreachable)
Code: 13 (Communication administratively filtered) <<< Weird!
The OS's seems to be (xprobe):
First ROUTER
[+] Host 200.70.xxx.164 Running OS: "HP JetDirect ROM G.07.02 EEPROM
G.07.20" (Guess probability: 87%)
Second ROUTER
[+] Host 172.xxx.230.242 Running OS: "Cisco IOS 12.2" (Guess
probability: 71%)
My question is, what is it? an ACL? why do i get a response of a machine
i did not ping??? maybe it is a extrange behavior from Cisco ios.
This might help to fingerprint Os's who knows ????
Bye
--
gr00vy <groovy2600yahoo.com.ar>
Linux User -- ZenCracking.com.ar
---------------------------------------------------------------------------
FREE Trial!
New for security consultants and in-house pros: FOUNDSTONE PROFESSIONAL
and PROFESSIONAL TL software. Fast, reliable vulnerability assessment
technology powered by the award-winning FoundScan engine. Try it free for 21 days at: http://www.securityfocus.com/sponsor/Foundstone_pen-test_030825
----------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]