Vulnerability Development mailing list archives
Re: Firewall bypassing tool
From: Michael Katz <mike () procinct com>
Date: Fri, 01 Nov 2002 11:38:23 -0800
At 11/1/2002 03:28 AM, d_fence wrote:
I read sometime ago about bypassing the firewall filters which block incoming (initializing) SYN packets, by sending for example a SYN-FIN packet and establishing that way a connection to a blocked port.. Now I`m trying to check wether my firewall would let through such packets, and so I`m searching for a tool which would does this.. Do you know any such tools?
This seems too obvious, but.... How about Fyodor's nmap? You can obtain it from http://www.insecure.org/nmap.One of the options for scanning is -sF, which will send SYN-FIN packets. You can also use -sA, which will send SYN-ACK packets.
There are also tools like hping (http://www.hping.org) which can be used to test your firewall in a similar manner.
Michael Katz mike () procinct com Procinct Security
Current thread:
- Firewall bypassing tool d_fence (Nov 01)
- Re: Firewall bypassing tool Michael Katz (Nov 03)
- Re: Firewall bypassing tool Frank Knobbe (Nov 04)
- Re: Firewall bypassing tool Fyodor (Nov 04)
- Re: Firewall bypassing tool Frank Knobbe (Nov 04)
- Re: Firewall bypassing tool Jon (Nov 03)
- RE: Firewall bypassing tool Bojan Zdrnja (Nov 03)
- <Possible follow-ups>
- Re: Firewall bypassing tool Cynic (Nov 03)
- Re: Firewall bypassing tool Michael Katz (Nov 03)