Penetration Testing mailing list archives
Re: [PEN-TEST] Firewalking
From: Jan Muenther <jan () RADIO HUNDERT6 DE>
Date: Wed, 7 Mar 2001 10:36:34 +0000
Hi,
What would be the best way to determine what kind of firewall is running on a server? Especially one that does not give out any banners. TCP-fingerprinting is not possible because there are no obvious open ports.
depends, I'd say. If they pass in (and let out) some ICMP types / codes, you might be able to fingerprint them on that. I think it was either Dragos Riu or Clayton Fiske, but one of them wrote an excellent paper about ICMP fingerprinting. Cheers, Jan -- Radio HUNDERT,6 Medien GmbH Berlin - EDV - j.muenther () radio hundert6 de
Current thread:
- [PEN-TEST] Firewalking Pepijn Vissers (Mar 06)
- Re: [PEN-TEST] Firewalking Tom Vandepoel (Mar 06)
- Re: [PEN-TEST] Firewalking Enno Rey (Mar 06)
- Re: [PEN-TEST] Firewalking Alberto Román (Mar 07)
- Re: [PEN-TEST] Firewalking honoriak (Mar 06)
- Re: [PEN-TEST] Firewalking Ivan Buetler (Mar 07)
- Re: [PEN-TEST] Firewalking Jan Muenther (Mar 07)
- [PEN-TEST] RES: [PEN-TEST] Firewalking Cristiano Lincoln Mattos (Mar 07)
- <Possible follow-ups>
- Re: [PEN-TEST] Firewalking Woch, Wojciech (Mar 08)