RE: Outgoing Port Check
- From: "Shenk, Jerry A" <jshenk@xxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 28 Nov 2006 11:58:45 -0500
That's actually a pretty good way. Set up a sniffer on the outside and
run nmap on the inside. One the sniffer, limit the sniffing to the host
that you are portscanning. I just did that yesterday. My dump file had
ONLY the traffic that the firewall was supposed to be allowing
through...amazing...somebody got it right;)
Here's one possible set of command-line arguments for what you want.
This is just tcp but you get the idea.
Outside:
tcpdump -i eth1 host 200.200.200.200 -w firewall_test.dump
You can read this file with: tcpdump -r firewall_test.dump | less
Inside:
nmap -sS 200.200.200.200 -p 1-65535
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of errorcode408
Sent: Tuesday, November 28, 2006 6:24 AM
To: pen-test@xxxxxxxxxxxxxxxxx
Subject: Outgoing Port Check
Hi List,
I want to perform a check for allowed ports for outgoing Connections,
TCP and UDP as well, inside a filtered Company Network.
I thought of using nmap full port range, full connect Method against an
Server in a DMZ all Ports opened...
I am sure there are better ways, thats why im asking.
What do you think?
Are there tools for discovering Local Networks and its restrictions?
Regards,
Errorcode408
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=7016
00000008bOW
------------------------------------------------------------------------
**DISCLAIMER
This e-mail message and any files transmitted with it are intended for the use of the individual or entity to which they are addressed and may contain information that is privileged, proprietary and confidential. If you are not the intended recipient, you may not use, copy or disclose to anyone the message or any information contained in the message. If you have received this communication in error, please notify the sender and delete this e-mail message. The contents do not represent the opinion of D&E except to the extent that it relates to their official business.
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
- Prev by Date: Re: Optimal wildcard search algorithm
- Next by Date: Pen-testing - pricing model
- Previous by thread: Re: Optimal wildcard search algorithm
- Next by thread: RE: Outgoing Port Check
- Index(es):
Relevant Pages
|
