Penetration Testing mailing list archives
Re: Pentest - ISA server
From: Volker Tanger <vtlists () wyae de>
Date: Tue, 31 Aug 2010 00:48:22 +0200
Greetings!

"Kurt M. John" <kurt.md.john () gmail com>:
> Now for my real question. They have some ISA servers that take care of all outgoing and incoming traffic. I ran nmap on them and at least one of them has over 50000 open ports.

What options did you use on NMAP?

By default it runs a SYN scan (-sS), and if the firewall or server tested does some type of SYN-Flood-Protection, it will send SYN-ACK packages without actually querying the host behind it (maybe adding TCP-cookies). By default NMAP will count SYN-ACK answers to SYN queries as an open port.

Try running a connect scan (-sT) which runs through all the proper queries and answers of a TCP handshake and only will count correctly opened TCP sessions - but then again this will trigger connect messages in most daemon logs.

Bye

Volker

--
Volker Tanger http://www.wyae.de/volker.tanger/
vtlists () wyae de
PGP Fingerprint 378A 7DA7 4F20 C2F3 5BCC 8340 7424 6122 BB83 B8CB
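
One way to compare the two scan types named in the reply above, as an added example that is not part of the original message: the script parses nmap grepable output (`-oG`) from a `-sS` run and a `-sT` run and separates ports open in both from ports reported open only by the SYN scan. The sample output, the 192.0.2.10 address and the function names are constructed for illustration.

```python
# Constructed nmap -oG samples (documentation address 192.0.2.10, invented results).
SYN_SCAN = (
    "# Nmap scan initiated as: nmap -sS -oG syn.gnmap 192.0.2.10\n"
    "Host: 192.0.2.10 ()\tStatus: Up\n"
    "Host: 192.0.2.10 ()\tPorts: 21/open/tcp//ftp///, 22/open/tcp//ssh///, "
    "25/open/tcp//smtp///, 80/open/tcp//http///, 443/open/tcp//https///\n"
)
CONNECT_SCAN = (
    "# Nmap scan initiated as: nmap -sT -oG connect.gnmap 192.0.2.10\n"
    "Host: 192.0.2.10 ()\tStatus: Up\n"
    "Host: 192.0.2.10 ()\tPorts: 21/closed/tcp//ftp///, 22/closed/tcp//ssh///, "
    "25/closed/tcp//smtp///, 80/open/tcp//http///, 443/open/tcp//https///\n"
)


def open_tcp_ports(gnmap_text):
    """Return {host: set of open TCP ports} parsed from nmap -oG text."""
    result = {}
    for line in gnmap_text.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue  # comment lines and "Status:" lines carry no port data
        host = line.split()[1]
        # The Ports field ends at the next tab (e.g. before "Ignored State:").
        ports_field = line.split("Ports:", 1)[1].split("\t", 1)[0]
        for entry in ports_field.split(","):
            # Entry layout: port/state/protocol/owner/service/rpc/version/
            fields = entry.strip().split("/")
            if len(fields) >= 3 and fields[0].isdigit() \
                    and fields[1] == "open" and fields[2] == "tcp":
                result.setdefault(host, set()).add(int(fields[0]))
    return result


def compare_scans(syn_text, connect_text):
    """Split each host's SYN-scan open ports into confirmed and SYN-only."""
    syn, con = open_tcp_ports(syn_text), open_tcp_ports(connect_text)
    report = {}
    for host, syn_ports in syn.items():
        confirmed = syn_ports & con.get(host, set())
        report[host] = {"confirmed": sorted(confirmed),
                        "syn_only": sorted(syn_ports - confirmed)}
    return report


if __name__ == "__main__":
    for host, r in compare_scans(SYN_SCAN, CONNECT_SCAN).items():
        print(host, "confirmed:", r["confirmed"], "SYN-only:", r["syn_only"])
```

Ports that land in the SYN-only list are the ones to re-check by hand before they go into a report.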