Penetration Testing mailing list archives
Re: Nmap/netwag problem.
From: ilaiy <ilaiy.e () gmail com>
Date: Fri, 12 Aug 2005 17:09:04 -0500
How about ..

http://www.packetfactory.net/firewalk/

./thanks
ilaiy

====================================
http://ilaiy.blogspot.com
http://howiwishihad.blogspot.com/
====================================

On 8/12/05, ankush.kapoor () wipro com <ankush.kapoor () wipro com> wrote:

Hping is a pretty good tool. If you seriously feel that the port is being filtered at a firewall, give firewalk a shot. The paper explaining it is also very informative ;)

Ankush

-----Original Message-----
From: Paul J Docherty [mailto:PJD () portcullis-security com]
Sent: Thursday, August 11, 2005 8:38 PM
To: Pete Herzog; Kaj Huisman
Cc: Aleph One; pen-test () securityfocus com; Security-Basics
Subject: RE: Nmap/netwag problem.

Whilst the points you are making are correct once you have discovered open ports, I think you have raced ahead of the question, which was I think, "which port scanner is giving the correct results?"

As many others have elegantly answered, use a packet sniffer and look at the raw data to see what's going on.

You have raced ahead and are bordering service discovery rather than port status. As we know, there can be any number of filtering devices between the two ends; however, within TCP, which is what we are talking about here, an open port will respond to a syn with a syn/ack.

As for scan methods, I tend to use both syn and full (where time permits). If time is not the key, I prefer to syn scan first, then TCP Connect.

With regards answering the questions, you could, if you are not happy with the sniffer options, use something like hping2(3) and watch the flags, i.e.

hping2 -n -V -S -p (port no.) IP_address

Paul.
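An added example, not part of the original messages: one way to turn the "watch the flags" advice into a repeatable check is to classify the captured output of a single SYN probe. The reply-line format, the sample lines, the documentation-range addresses and the name classify_probe are assumptions constructed for illustration.

```python
import re

# Assumed hping2-style reply line: "... ip=<addr> ... flags=<letters> ..."
REPLY = re.compile(r"ip=(?P<ip>\S+).*?\bflags=(?P<flags>[A-Z]+)")
# Assumed ICMP error line: "ICMP <reason> from ip=<addr> ..."
ICMP = re.compile(r"^ICMP .*? from ip=(?P<ip>\S+)")

def classify_probe(output, target):
    """Return (state, responder) for the output of one SYN probe.

    open     : the target answered SYN with SYN/ACK
    closed   : the target answered with RST
    filtered : an ICMP error came back (responder is the device that
               sent it) or nothing came back (responder is None)
    """
    icmp_from = None
    for line in output.splitlines():
        line = line.strip()
        m = REPLY.search(line)
        if m and m.group("ip") == target:
            flags = set(m.group("flags"))
            if {"S", "A"} <= flags:
                return "open", target
            if "R" in flags:
                return "closed", target
        m = ICMP.match(line)
        if m:
            icmp_from = m.group("ip")
    return "filtered", icmp_from

# Constructed sample outputs (not taken from the thread).
TARGET = "192.0.2.10"
HEADER = "HPING 192.0.2.10 (eth0 192.0.2.10): S set, 40 headers + 0 data bytes\n"
SAMPLES = {
    "syn_ack": HEADER + "len=46 ip=192.0.2.10 ttl=56 DF id=0 sport=80 "
                        "flags=SA seq=0 win=5840 rtt=11.2 ms\n",
    "rst": HEADER + "len=46 ip=192.0.2.10 ttl=56 DF id=0 sport=81 "
                    "flags=RA seq=0 win=0 rtt=10.9 ms\n",
    "icmp": HEADER + "ICMP Packet filtered from ip=198.51.100.1 name=UNKNOWN\n",
    "silent": HEADER,
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(name, classify_probe(text, TARGET))
```

When the responder differs from the target, the answer came from a device in the path rather than from the host itself, which is the case where two scanners are most likely to disagree.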