SPI firewall in between



Dear list,

Recently we have started working on a black box pen test. And I think
that the IP's which we are given are behind a SPI firewall.

Lets say these are the IP's which my client gave me

x.x.x.23
x.x.x.24

when I try to do hping on them, this is what I get


[itimanth@localhost]$ hping2 -S x.x.x.23 -c 1 -p 80 -t 18
HPING x.x.x.23 (eth0 x.x.x.23): S set, 40 headers + 0 data bytes
TTL 0 during transit from ip=x.x.x.23 name=UNKNOWN


[itimanth@localhost]$ hping2 -S x.x.x.23 -c 1 -p 80 -t 19
HPING x.x.x.23 (eth0 x.x.x.23): S set, 40 headers + 0 data bytes
len=46 ip=x.x.x.23 ttl=240 DF id=44266 sport=80 flags=SA seq=0
win=8190 rtt=335.5 ms


This is the case for the other IP too.

I need to find the actual IP for the device which is at hop 18. I
tried running tcpdump along with hping, but I didnt get any clue about
the IP of that device.

Any bright ideas???

Thanx in advance.

Regards,

Itimanth

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------



Relevant Pages

  • Re[4]: Informing Companies about security vulnerabilities...
    ... They send out HTML formatted email, I use a POP client that can be toggled to not render HTML. ... conduct a pen test? ... Cenzic Hailstorm finds vulnerabilities fast. ...
    (Pen-Test)
  • RE: Core Impact Vs Manual Pen Test
    ... Core Impact Vs Manual Pen Test ... Cenzic Hailstorm finds vulnerabilities fast. ...
    (Pen-Test)
  • cracking Y2k DC Admin password
    ... cannot even dump the sam from a 2k box, as I would condiser this a basic ... for a pen test in doing I got control on the server and logged as the ... the local ADMIN$ shere. ... Cenzic Hailstorm finds vulnerabilities fast. ...
    (Pen-Test)
  • Re: The legal / illegal line?
    ... Offer to do a free lightweight pen test for the company. ... Varun V Nair ... On 05/03/07, Philosophil wrote: ... Cenzic Hailstorm finds vulnerabilities fast. ...
    (Pen-Test)