Re: [fw-wiz] scanning...

From: Julian M D (julianmd_at_gmail.com)
Date: 11/03/05

    To: "Hile.William@epamail.epa.gov" <Hile.William@epamail.epa.gov>
    Date: Thu, 3 Nov 2005 00:10:07 -0500
    
    

    I feel your pain, I'm exactly in the same situation. Here's what helped me
    get the big picture!
     http://www.neon.com/map.shtml

     On 11/2/05, Hile.William@epamail.epa.gov <Hile.William@epamail.epa.gov>
    wrote:
    >
    >
    > NMAP would be an excellent tool... you can put in the IP range or subnet
    > with that... As far as traversing firewalls... it will only report what
    > ports are allowed through the firewall for each host... so you are firewall
    > ruleset dependent so it may not give you complete results for a host on the
    > other side of a firewall... It will report as an example port 80 is allowed
    > through and httpd is running on the host in question so it will report that
    > service but smtpd is also running on the server however it's not allowed
    > through the firewall from you so you will not know it's listening because you
    > can't see the port... so you are basically bound to your firewall rule set
    > there could be servers beyond your firewall that are up and functional but
    > that you do not have access to any of the services running on them so from
    > your perspective they will essentially be down.
    >
    >
    >
    > William
    >
    >
    >
    > Brian Loe <knobdy@gmail.com>
    > 11/02/2005 02:31 PM
    > To: William Hile/RTP/USEPA/US@EPA
    > cc: firewall-wizards@honor.icsalabs.com,
    >     firewall-wizards-admin@honor.icsalabs.com
    > Subject: Re: [fw-wiz] scanning...
    >
    >
    >
    >
    > I was going to mention nmap - which I wouldn't mind using in this effort
    > at all. The question is, will it traverse the firewalls?
    >
    > Isn't there a "true" management network operation you can use on Cisco
    > boxes that work as a "private VLAN" and be passed via most any device - even
    > a PIX (and they think they're a part of VLAN 1 or whatever, right?)? Words
    > in "s are there for a lack of better ones, or my lack of understanding.
    >
    > On 11/2/05, Hile.William@epamail.epa.gov <Hile.William@epamail.epa.gov> wrote:
    >
    > Brian,
    > I think I would approach this from a ummm hacker mentality... I know a
    > little info and I need to gain all the information I can.. I think I would
    > probably start with something simple like angry IP scanner and input the
    > subnet (of course make sure you have permission to scan the network) and go
    > from there. There are tons of free tools out there that can ip walk and OS
    > guess but just make sure you have full permission to make your scans before
    > doing so. humm seems that whatsup gold (there's a free trial out there) will
    > do network discovery and even seems that it will do so via whatever port you
    > choose... It's been a while since I used it... and I know it will monitor your
    > server/workstations via whatever port but I can't remember how it does net
    > discovery... And if you have free rein of the network use this as a
    > learning exp and try out several ways to do what you are trying to
    > accomplish... and see which one is better and/or produces the most output...
    >
    >
    > I wish you luck
    >
    > Let me know how things turn out.....
    >
    > William
    >
    >
    > Brian Loe <knobdy@gmail.com>
    > Sent by: firewall-wizards-admin@honor.icsalabs.com
    > 11/02/2005 09:22 AM
    > To: firewall-wizards@honor.icsalabs.com
    > cc:
    > Subject: [fw-wiz] scanning...
    >
    >
    >
    >
    >
    >
    > Let me ask all of you a fairly generic question that should garner
    > lots of different ideas. Let us say that you have gone to work for a
    > new company as a network admin. It is a fairly complex network with
    > multiple routers, switches and firewalls (a firewall for every router,
    > let's say). The current network team has no formal training and have
    > done all of their learning on the job, following a contracting company
    > who was paid to initially set up the network.
    >
    > Okay, so how would you go about mapping out this network? You don't
    > have the understanding of devices by name yet, and each device is
    > likely to have 20 interfaces on it, with 20 IPs for 20 networks! You
    > live on a "management network", but it's only "management" because
    > it's a subnet which has been given telnet access to all of the devices
    > on the network - in other words, scanning with your usual tool (LAN
    > MapShot from Fluke - in my case, because it CAN start a pretty good
    > network diagram directly in Visio) from your "management" network
    > won't show you anything more than it will from any other subnet.
    >
    > Follow what I mean? Ideas? Pretend the network is yours and you're
    > free to change anything you want - where would you start?
    > _______________________________________________
    > firewall-wizards mailing list
    > firewall-wizards@honor.icsalabs.com
    > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    >
    >
    >

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
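
Added example, not part of the original messages: William's point that a scan reports only what the firewall ruleset lets through, applied to nmap's grepable (-oG) output when building an inventory. The sample output, the addresses and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of nmap grepable (-oG) output; addresses are made up.
SAMPLE_OG = """\
# Nmap scan of 10.1.2.8/29 (constructed sample)
Host: 10.1.2.9 (web01)\tStatus: Up
Host: 10.1.2.9 (web01)\tPorts: 25/filtered/tcp//smtp///, 80/open/tcp//http///
Host: 10.1.2.10 ()\tStatus: Up
Host: 10.1.2.10 ()\tPorts: 22/filtered/tcp//ssh///, 23/filtered/tcp//telnet///
"""

def parse_grepable(text):
    """Return {ip: {state: [port, ...]}} from the 'Ports:' lines of -oG output."""
    hosts = {}
    for line in text.splitlines():
        m = re.match(r"Host: (\S+) \(.*?\)\tPorts: ([^\t]*)", line)
        if not m:
            continue
        states = hosts.setdefault(m.group(1), {})
        for entry in m.group(2).split(","):
            # Each entry is port/state/protocol/owner/service/rpc/version/
            port, state = entry.strip().split("/")[:2]
            states.setdefault(state, []).append(int(port))
    return hosts

def vantage_report(text, subnet):
    """Say, for every address in subnet, what this vantage point can claim."""
    hosts = parse_grepable(text)
    report = {}
    for ip in map(str, ipaddress.ip_network(subnet).hosts()):
        states = hosts.get(ip)
        if states is None:
            # Silence is ambiguous: the host may be up behind a deny rule.
            report[ip] = "no response: down OR fully blocked by the firewall"
        elif states.get("open"):
            report[ip] = "open %s; filtered %s may still be listening" % (
                states["open"], states.get("filtered", []))
        else:
            report[ip] = "up, but every probed port filtered %s" % (
                states.get("filtered", []))
    return report

if __name__ == "__main__":
    for ip, verdict in vantage_report(SAMPLE_OG, "10.1.2.8/29").items():
        print(ip, "->", verdict)
```

Running the same report from a second subnet and comparing the two results shows which gaps come from the ruleset rather than from the hosts themselves.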

