Auditing boxes with predictable IP Sqeuence(s)

From: Ralph Los (RLos@enteredge.com)
Date: 02/25/02

Previous message: DABDELMO@bouyguestelecom.fr: "RE: pen test VPN"
Next in thread: Aleksander P. Czarnowski: "RE: Auditing boxes with predictable IP Sqeuence(s)"
Reply: Aleksander P. Czarnowski: "RE: Auditing boxes with predictable IP Sqeuence(s)"
Reply: Reidy, Patrick: "RE: Auditing boxes with predictable IP Sqeuence(s)"
Reply: The Blueberry: "Re: Auditing boxes with predictable IP Sqeuence(s)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Ralph Los" <RLos@enteredge.com>
To: pen-test@securityfocus.com
Date: Mon, 25 Feb 2002 11:47:36 -0500

Hello,

On a network I've recently had the pleasure :) to audit I came up
with a bunch of hosts which nMap classifies as 'unknown', but with
predictable TCP Sqeuence(s). Now...are there any tools out there for either
Linux/Win2k that will allow me to exploit this type of 'vulnerability'?
These hosts don't return any other open port information, so I'm guessing
they're either switches, or routers or VPN concentrators...is there any way
to determine which of those it most likely is? Are there any patterns to
look for, when determining router/switch/vpn box??

Thanks in advance.....something I don't know and I figured I'd ask...

Cheers!

----------------------------------------|
Ralph M. Los
Sr. Security Consultant and Trainer
          EnterEdge Technology, L.L.C.
          rlos@enteredge.com
          (770) 955-9899 x.206
----------------------------------------|

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Previous message: DABDELMO@bouyguestelecom.fr: "RE: pen test VPN"
Next in thread: Aleksander P. Czarnowski: "RE: Auditing boxes with predictable IP Sqeuence(s)"
Reply: Aleksander P. Czarnowski: "RE: Auditing boxes with predictable IP Sqeuence(s)"
Reply: Reidy, Patrick: "RE: Auditing boxes with predictable IP Sqeuence(s)"
Reply: The Blueberry: "Re: Auditing boxes with predictable IP Sqeuence(s)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: faster scans? (nmap)
... one host using nmap for syn scans in burst mode with the ... >>>This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
(Pen-Test)
Re: pen test help please asap
... > Machine A on client site makes a configurable encrypted OUTBOUND ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... This list is provided by the SecurityFocus Security Intelligence Alert ...
(Pen-Test)
Re: ettercap help
... Anyways have never tried Ettercap for VNC. ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... This list is provided by the SecurityFocus Security Intelligence Alert ...
(Pen-Test)
Re: ettercap help
... > I can get it to sniff telnet, ftp, pop, smb, but no vnc. ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
(Pen-Test)
Re: Wardialing
... >>> achieving the connection with the modem. ... >>This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
(Pen-Test)