Penetration Testing mailing list archives

Re: Testing F5 3DNS


From: Philippe Biondi <phil () secdev org>
Date: Thu, 29 Jul 2004 00:17:53 +0200 (CEST)

On Sat, 24 Jul 2004, wnorth wrote:

> So, I found something interesting during a pen test of an F5 3DNS device.
> Just doing a simple UDP port scan against the device and sourcing my port as
> udp/53 I was able to see all of the UDP services running. The next step
> would have been to try and test these services by keeping my source port as
> UDP/53. Anyone know of a way to do this, something like testing SNMP by
> sourcing as UDP/53, or some other test.


On Linux, just use SNAT:
iptables -t nat -A POSTROUTING -d <target> -p udp -j SNAT --to <src>:53


-- 
Philippe Biondi <phil@ secdev.org>      SecDev.org
Security Consultant/R&D                 http://www.secdev.org
PGP KeyID:3D9A43E2  FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
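
Added example, not part of the original thread: a Python model of why a scan sourced from udp/53 can see every UDP service, assuming (the thread does not say so) that the filter in front of the device admits inbound UDP on source port 53 alone, shown beside a filter that admits only published services and replies to tracked outbound queries. The Packet type, the addresses, the published port list and the 30-second timeout are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    ts: float        # seconds since capture start
    direction: str   # "out" = sent by the protected host, "in" = arriving at it
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

def stateless_allows(pkt):
    """Weak rule (assumed): admit any inbound UDP whose source port is 53."""
    return pkt.direction == "in" and pkt.src_port == 53

class StatefulUdpFilter:
    """Admit inbound UDP only to published ports or as a reply to a recent query."""
    def __init__(self, published=(53,), timeout=30.0):
        self.published = set(published)
        self.timeout = timeout
        self.pending = {}  # (local_ip, local_port, remote_ip, remote_port) -> query time

    def allows(self, pkt):
        if pkt.direction == "out":
            self.pending[(pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)] = pkt.ts
            return True
        if pkt.dst_port in self.published:
            return True
        sent = self.pending.get((pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port))
        return sent is not None and 0 <= pkt.ts - sent <= self.timeout

def compare(packets):
    """Return (packet, weak verdict, stateful verdict) for each inbound packet."""
    fw, rows = StatefulUdpFilter(), []
    for p in sorted(packets, key=lambda p: p.ts):
        strict = fw.allows(p)
        if p.direction == "in":
            rows.append((p, stateless_allows(p), strict))
    return rows

def unsolicited(packets):
    """Inbound datagrams the weak rule admits but that answer no query: alert on these."""
    return [p for p, weak, strict in compare(packets) if weak and not strict]

# Constructed sample traffic (RFC 5737 documentation addresses).
SAMPLE = [
    Packet(0.0, "out", "192.0.2.10", 40000, "198.51.100.53", 53),  # host queries a resolver
    Packet(0.1, "in", "198.51.100.53", 53, "192.0.2.10", 40000),   # genuine reply
    Packet(5.0, "in", "203.0.113.7", 53, "192.0.2.10", 161),       # source port 53 to SNMP
    Packet(5.1, "in", "203.0.113.7", 53, "192.0.2.10", 123),       # source port 53 to NTP
    Packet(6.0, "in", "203.0.113.7", 31337, "192.0.2.10", 161),    # ordinary probe
]
```

unsolicited(SAMPLE) returns the two source-port-53 datagrams aimed at ports 161 and 123; the genuine DNS reply passes both filters.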

