Full Disclosure mailing list archives
Re: Help with Firewalk
From: Rudra Kamal Sinha Roy <rudrak () gmail com>
Date: Wed, 23 Mar 2005 12:16:30 +0530
Dear anamika,

Firstly firewalk attempts to determine what transport protocols a given gateway will let through. The firewalk scan works by sending out TCP or UDP packets with an IP TTL one greater than the targeted gateway. If the gateway allows the traffic, it will forward the packets to the next hop where they will expire and elicit a TTL exceeded in transit message. If the gateway host does not allow the traffic, it will likely drop the packets on the floor and we will see no response. So might be your gateway needs some configuration (depending on the architecture) you are having before you go get blowing with your firewalk :)

Secondly to work its magic, firewalk has two phases, a network discovery phase, and a scanning phase. Initially, to get the correct IP TTL (that will result in expired packets one beyond the gateway) we need to 'ramp up' hop counts. We do TTL ramping in the same manner that traceroute works, sending packets out with successively incremented IP TTLs, towards the destination host. Once we know the gateway hopcount (at that point the scan is 'bound') we can move onto the next phase, the actual scan which is actually very simple.

Hope this will benefit you.

Rudra

--
Rudra kamal Sinha Roy
iViZ Techno Solutions Pvt. Ltd
IIT Kharagpur

On 23 Mar 2005 02:36:52 -0000, anamika <sonianamikasoni () rediffmail com> wrote:
__________________________________
We would change the world... but GOD won't give us the source code.

---------- Forwarded message ----------
From: "anamika" <sonianamikasoni () rediffmail com>
To: full-disclosure () lists grok org uk, pen-test () securityfocus com, dunceor () gmail com
Date:
Subject: Help with Firewalk

Hello,

I'm working on a project that uses Firewalk. My system comprises a few machines in a LAN all using RH9... one is installed as a server and others as personal workstations...

Basically whenever I try to run Firewalk on my system (which uses RH9) I get the following output:

Firewalk 5.0 [gateway ACL scanner]
fw_init_network(): route_get()
Total packets sent: 0
Total packet errors: 0
Total packets caught 0
Total packets caught of interest 0
Total ports scanned 0
Total ports open: 0
Total ports unknown: 0

I cannot understand where I am going wrong.... I guess you all have used Firewalk before... Please help me out here...

Awaiting your reply eagerly,
Anamika

__________________________________
We would change the world... but GOD won't give us the source code.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
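
The two phases described in the reply above, modelled offline as an added example (it is not part of the original thread and is not Firewalk's own code). No packets are sent: the path, the RFC 5737 addresses, the ACL, and the names `probe`, `ramp` and `scan` are all constructed for illustration, and the `block_time_exceeded` switch models a gateway that filters the returning TTL exceeded messages, which is an assumption not discussed in the thread.

```python
# Offline model of the ramping and scanning phases. Nothing touches the network.
PATH = ["192.0.2.1", "192.0.2.254", "198.51.100.1", "198.51.100.9"]  # constructed hops; last is the destination
GATEWAY = "192.0.2.254"                                # the filtering gateway under examination
ACL_ALLOW = {("tcp", 22), ("tcp", 80), ("udp", 53)}    # constructed: what the gateway forwards


def probe(ttl, proto, port, block_time_exceeded=False):
    """Return the address that answers 'TTL exceeded in transit', or None for silence."""
    gw_index = PATH.index(GATEWAY)
    expires_at = ttl - 1                  # index of the hop where the TTL runs out
    if expires_at >= len(PATH) - 1:
        return None                       # packet reaches the destination, nothing expires
    if expires_at > gw_index:             # packet has to be forwarded by the gateway
        if (proto, port) not in ACL_ALLOW:
            return None                   # dropped on the floor at the gateway
        if block_time_exceeded:
            return None                   # reply filtered on its way back out
    return PATH[expires_at]


def ramp(max_ttl=30):
    """Phase 1: raise the TTL traceroute-style until the gateway itself answers."""
    for ttl in range(1, max_ttl + 1):
        if probe(ttl, "udp", 33434) == GATEWAY:
            return ttl                    # gateway hop count known: the scan is 'bound'
    return None


def scan(ports, proto="tcp", **kw):
    """Phase 2: probe each port with a TTL one greater than the gateway's hop count."""
    bound = ramp()
    if bound is None:
        return {}
    results = {}
    for port in ports:
        reply = probe(bound + 1, proto, port, **kw)
        # Silence is ambiguous: the reply says the gateway "likely" dropped the packet.
        results[port] = "forwarded" if reply else "no response"
    return results


if __name__ == "__main__":
    print("bound at TTL", ramp())
    print(scan([22, 23, 80]))
    print(scan([22, 80], block_time_exceeded=True))
```

With `block_time_exceeded=True` every port reports "no response", so a scan result of all-silent does not by itself show that the gateway forwards nothing.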