Re: [fw-wiz] scanning...

From: Brian Loe (knobdy_at_gmail.com)
Date: 11/03/05

    To: Julian M D <julianmd@gmail.com>
    Date: Thu, 3 Nov 2005 09:17:53 -0600
    
    

    Awesome, if it works this might be the answer! Now we'll just have to see
    what the limitations of the trial version are.

    On 11/2/05, Julian M D <julianmd@gmail.com> wrote:
    >
    > I feel your pain, I'm exactly in the same situation. Here's what helped me
    > get the big picture!
    > http://www.neon.com/map.shtml
    >
    > On 11/2/05, Hile.William@epamail.epa.gov <Hile.William@epamail.epa.gov>
    > wrote:
    > >
    > >
    > > NMAP would be an excellent tool... you can put in the IP range or subnet
    > > with that... As far as traversing firewalls... it will only report what
    > > ports are allowed through the firewall for each host... so you are firewall
    > > ruleset dependent so it may not give you complete results for a host on the
    > > other side of a firewall... It will report as an example port 80 is allowed
    > > through and httpd is running on the host in question so it will report that
    > > service but smtpd is also running on the server however it's not allowed
    > > through the firewall from you so you will not know it's listening because you
    > > can't see the port... so you are basically bound to your firewall rule set
    > > there could be servers beyond your firewall that are up and functional but
    > > that you do not have access to any of the services running on them so from
    > > your perspective they will essentially be down.
    > >
    > >
    > >
    > > William
    > >
    > > Brian Loe <knobdy@gmail.com>
    > > 11/02/2005 02:31 PM
    > > To: William Hile/RTP/USEPA/US@EPA
    > > cc: firewall-wizards@honor.icsalabs.com,
    > > firewall-wizards-admin@honor.icsalabs.com
    > > Subject: Re: [fw-wiz] scanning...
    > >
    > > I was going to mention nmap - which I wouldn't mind using in this effort
    > > at all. The question is, will it traverse the firewalls?
    > >
    > > Isn't there a "true" management network operation you can use on Cisco
    > > boxes that work as a "private VLAN" and be passed via most any device - even
    > > a PIX (and they think they're a part of VLAN 1 or whatever, right?)? Words
    > > in "s are there for a lack of better ones, or my lack of understanding.
    > >
    > > On 11/2/05, Hile.William@epamail.epa.gov <Hile.William@epamail.epa.gov> wrote:
    > >
    > > Brian,
    > > I think I would approach this from a ummm hacker mentality... I know a
    > > little info and I need to gain all the information I can.. I think I would
    > > probably start with something simple like Angry IP Scanner and input the
    > > subnet (of course make sure you have permission to scan the network) and go
    > > from there. There are tons of free tools out there that can IP walk and OS
    > > guess but just make sure you have full permission to make your scans before
    > > doing so. humm seems that WhatsUp Gold (there's a free trial out there) will
    > > do network discovery and even seems that it will do so via whatever port you
    > > choose... It's been a while since I used it... and I know it will monitor your
    > > server/workstations via whatever port but I can't remember how it does net
    > > discovery... And if you have free rein of the network use this as a
    > > learning exp and try out several ways to do what you are trying to
    > > accomplish... and see which one is better and/or produces the most output...
    > >
    > >
    > > I wish you luck
    > >
    > > Let me know how things turn out.....
    > >
    > > William
    > >
    > >
    > > Brian Loe <knobdy@gmail.com>
    > > Sent by: firewall-wizards-admin@honor.icsalabs.com
    > > 11/02/2005 09:22 AM
    > > To: firewall-wizards@honor.icsalabs.com
    > > cc:
    > > Subject: [fw-wiz] scanning...
    > >
    > > Let me ask all of you a fairly generic question that should garner
    > > lots of different ideas. Let us say that you have gone to work for a
    > > new company as a network admin. It is a fairly complex network with
    > > multiple routers, switches and firewalls (a firewall for every router,
    > > let's say). The current network team has no formal training and have
    > > done all of their learning on the job, following a contracting company
    > > who was paid to initially set up the network.
    > >
    > > Okay, so how would you go about mapping out this network? You don't
    > > have the understanding of devices by name yet, and each device is
    > > likely to have 20 interfaces on it, with 20 IPs for 20 networks! You
    > > live on a "management network", but it's only "management" because
    > > it's a subnet which has been given telnet access to all of the devices
    > > on the network - in other words, scanning with your usual tool (LAN
    > > MapShot from Fluke - in my case, because it CAN start a pretty good
    > > network diagram directly in Visio) from your "management" network
    > > won't show you anything more than it will from any other subnet.
    > >
    > > Follow what I mean? Ideas? Pretend the network is yours and you're
    > > free to change anything you want - where would you start?
    > > _______________________________________________
    > > firewall-wizards mailing list
    > > firewall-wizards@honor.icsalabs.com
    > > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    > >
    > >
    > >
    >

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
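
The point made in the quoted reply, that a scan run through a firewall reports only what the ruleset lets through, can be checked by comparing nmap grepable (`-oG`) output for the same hosts from two vantage points. This is an added example, not part of the thread; the addresses and scan lines are constructed, and the function names are hypothetical.

```python
# Constructed nmap -oG output: same hosts scanned through the firewall
# (from the "management" subnet) and from a machine on their own segment.
SCAN_THROUGH_FW = """\
# Nmap scan (constructed sample)
Host: 10.1.1.10 ()\tPorts: 25/filtered/tcp//smtp///, 80/open/tcp//http///\tIgnored State: closed (998)
"""
SCAN_LOCAL = """\
Host: 10.1.1.10 ()\tPorts: 25/open/tcp//smtp///, 80/open/tcp//http///
Host: 10.1.1.20 ()\tPorts: 22/open/tcp//ssh///
"""

def parse_grepable(text):
    """Return {ip: {(port, proto): (state, service)}} from -oG output."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host: "):
            continue  # skip comment lines
        fields = line.split("\t")
        ip = fields[0].split()[1]
        for field in fields[1:]:
            if not field.startswith("Ports: "):
                continue  # e.g. "Status:" or "Ignored State:" fields
            for entry in field[len("Ports: "):].split(", "):
                # entry layout: port/state/protocol/owner/service/...
                port, state, proto, _owner, service = entry.split("/")[:5]
                hosts.setdefault(ip, {})[(int(port), proto)] = (state, service)
    return hosts

def blind_spots(through_fw, local):
    """Services open on the segment but not visible as open through the firewall."""
    report = {}
    for ip, ports in local.items():
        seen = through_fw.get(ip, {})
        hidden = sorted(
            f"{port}/{proto} {service}"
            for (port, proto), (state, service) in ports.items()
            if state == "open" and seen.get((port, proto), ("", ""))[0] != "open"
        )
        if hidden:
            # A host with no open port visible through the firewall looks down.
            looks_down = not any(state == "open" for state, _ in seen.values())
            report[ip] = {"looks_down": looks_down, "hidden": hidden}
    return report

if __name__ == "__main__":
    result = blind_spots(parse_grepable(SCAN_THROUGH_FW), parse_grepable(SCAN_LOCAL))
    for ip, info in sorted(result.items()):
        print(ip, info)
```
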

