Re: All tcp ports open?

From: Bill Burge (bill_at_burge.com)
Date: 08/29/04

  • Next message: dreamwvr_at_dreamwvr.com: "Re: All tcp ports open?"
    Date: Sun, 29 Aug 2004 10:10:09 -0700
    To: "Ben Timby" <asp@webexc.com>, pen-test@securityfocus.com
    
    

    I have seen this strange behavior from an Alteon loadbalancer...

    bb

    *********** REPLY SEPARATOR ***********

    On 8/29/2004 at 2:04 AM Ben Timby wrote:

    >I am not sure what is doing this, but I assume it is a software (or some
    >kind of) firewall/hids, can anybody point me in the right direction?
    >
    >I am pen-testing a Windows webserver, and a port scan reveals ALL tcp
    >ports open. hping also confirms that a SA is returned for any S packets
    >sent to any port I try. I can connect via netcat any of the ports, and
    >send data, but nothing is returned. In order to verify services, I am
    >required to connect and check for a banner or send appropriate protocol
    >commands to elicit a response.
    >
    >Has anyone seen this, or have any idea of what this is?
    >
    >Thanks.
    >
    >------------------------------------------------------------------------------
    >Ethical Hacking at the InfoSec Institute. All of our class sizes are
    >guaranteed to be 12 students or less to facilitate one-on-one interaction
    >with one of our expert instructors. Check out our Advanced Hacking course,
    >learn to write exploits and attack security infrastructure. Attend a course
    >taught by an expert instructor with years of in-the-field pen testing
    >experience in our state of the art hacking lab. Master the skills of an
    >Ethical Hacker to better assess the security of your organization.
    >
    >http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    >-------------------------------------------------------------------------------

    ------------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. All of our class sizes are
    guaranteed to be 12 students or less to facilitate one-on-one interaction
    with one of our expert instructors. Check out our Advanced Hacking course,
    learn to write exploits and attack security infrastructure. Attend a course
    taught by an expert instructor with years of in-the-field pen testing
    experience in our state of the art hacking lab. Master the skills of an
    Ethical Hacker to better assess the security of your organization.

    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    -------------------------------------------------------------------------------


  • Next message: dreamwvr_at_dreamwvr.com: "Re: All tcp ports open?"

    Relevant Pages

    • Re: QualysGuard
      ... > Ethical Hacking at the InfoSec Institute. ... Check out our Advanced Hacking course, ... > learn to write exploits and attack security infrastructure. ...
      (Pen-Test)
    • Re: RE: listing directory structure within webserver root
      ... > Ethical Hacking at the InfoSec Institute. ... Check out our Advanced Hacking course, ... > learn to write exploits and attack security infrastructure. ...
      (Pen-Test)
    • RE: interesting wireless card and linux issue
      ... > Ethical Hacking at the InfoSec Institute. ... Check out our Advanced Hacking course, ... > learn to write exploits and attack security infrastructure. ...
      (Pen-Test)
    • RE: Instant Messenger
      ... > Ethical Hacking at the InfoSec Institute. ... Check out our Advanced Hacking course, ... > learn to write exploits and attack security infrastructure. ...
      (Pen-Test)
    • Re: All tcp ports open?
      ... >> Ethical Hacking at the InfoSec Institute. ... Check out our Advanced Hacking course, ... >> learn to write exploits and attack security infrastructure. ...
      (Pen-Test)