RE: Auditing boxes with predictable IP Sqeuence(s)
From: Aleksander P. Czarnowski (alekc@avet.com.pl)Date: 02/26/02
- Previous message: Carmelo Floridia: "R: Firewall ACL determinations"
- Maybe in reply to: Ralph Los: "Auditing boxes with predictable IP Sqeuence(s)"
- Next in thread: Reidy, Patrick: "RE: Auditing boxes with predictable IP Sqeuence(s)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 26 Feb 2002 10:14:37 +0100 From: "Aleksander P. Czarnowski" <alekc@avet.com.pl> To: <pen-test@securityfocus.com>
> I came up with a bunch of hosts which nMap classifies as
> 'unknown', but with predictable TCP Sqeuence(s).
Try passive OS fingerprinting. Personally I like siphon (although it's
OS database is a bit outdated, but you can easily add new OSes) but
there are other tools. Also run sniffer and look for connection to you
hosts. If you find one consider hijacking it. This will also reveal some
open ports.
nmap can be very flexible in port scanning - try packet fragmentation
and source port options (-f and -g). Also try rpc and null scans.
Just my two cents.
Regards,
Alex Czarnowski
AVET INS
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
- Previous message: Carmelo Floridia: "R: Firewall ACL determinations"
- Maybe in reply to: Ralph Los: "Auditing boxes with predictable IP Sqeuence(s)"
- Next in thread: Reidy, Patrick: "RE: Auditing boxes with predictable IP Sqeuence(s)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
