Firewalls & SSL

• Previous message: Josha Bronson: "Re: Nmap issues...? or router?"
• Next in thread: Yoann Le Corvic: "RE: Firewalls & SSL"
• Reply: Yoann Le Corvic: "RE: Firewalls & SSL"
• Reply: Paul Midian: "RE: Firewalls & SSL"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Message-ID: <20011009175715.29877.qmail@web13901.mail.yahoo.com>
Date: Tue, 9 Oct 2001 10:57:15 -0700 (PDT)
From: niumal weerasena <niumal@yahoo.com>
Subject: Firewalls & SSL
To: pen-test@securityfocus.com

Hi there,

I am currently performing a blind pen-test for a
client who uses more than 2 types of firewalls and has
a secured web server. I have done nmap FIN scans
(other scans failed) on the secured web server and the
rest of the class C address range and found several
ip’s responding. It shows many open ports such as FTP,
SMTP, Telnet,BO2K etc.

However I cannot exploit/connect to these ports using
“telnet”, “ftp” & “hping” because of the firewalls (I
suspect!!). I also know that the web server is using
Windows 2000 server and I suspect it is located behind
2 firewalls(because traceroute shows additional ip hop
for the web server) that only allows port 443 to be
accessed.

Based on the above, below are my queries:
1) How do I determine the router and firewall IPs and
type of firewalls/router used?

2) How can I bypass the firewall to exploit the open
ports on the servers?

3) How can I exploit secured (SSL) web server?

Appreciate any useful information from anyone out
there……..

Thanks,
Niumal

=====
Niumal Weerasena
Mobile : +6 012 - 2112654
Email : niumal@yahoo.com

__________________________________________________
Do You Yahoo!?
NEW from Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month.
http://geocities.yahoo.com/ps/info1

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

• Previous message: Josha Bronson: "Re: Nmap issues...? or router?"
• Next in thread: Yoann Le Corvic: "RE: Firewalls & SSL"
• Reply: Yoann Le Corvic: "RE: Firewalls & SSL"
• Reply: Paul Midian: "RE: Firewalls & SSL"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: New to Cisco ... You can simplify and do a full static (all ports) if you have ... It should report that the web server is at 12.190.141.214. ... The two firewalls are on separate lines and have ... separate public interfaces. ... (comp.dcom.sys.cisco) Re: security advice (possible hacker activity?) ... Well, it's entirely up to you, but usually blocking all ports both outbound ... trojan or worm is installed onto the web server. ... the IIS web server. ... (microsoft.public.inetserver.iis.security) Re: security advice (possible hacker activity?) ... Well, it's entirely up to you, but usually blocking all ports both outbound ... trojan or worm is installed onto the web server. ... the IIS web server. ... (microsoft.public.win2000.security) Re: 2000 Server Setup ... you're bound to make a fatal mistake. ... You definitely want one or more firewalls that is configured ... For best security, if you can afford it, make the web server dedicated to ... > relavant security considerations for running a website. ... (microsoft.public.inetserver.iis.security) Re: ISA2004 SP2: EventID 14148 ... No firewall is active on the Cisco and all ports are passed through. ... Most likely it is IIS. ... are no thing different for web server publishing and IIS. ... (microsoft.public.isa.configuration)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint