SPI firewall in between
- From: "Itimanth K" <itimanth@xxxxxxxxx>
- Date: Thu, 15 Mar 2007 10:38:16 +0530
Dear list,
Recently we have started working on a black box pen test. And I think
that the IP's which we are given are behind a SPI firewall.
Lets say these are the IP's which my client gave me
x.x.x.23
x.x.x.24
when I try to do hping on them, this is what I get
[itimanth@localhost]$ hping2 -S x.x.x.23 -c 1 -p 80 -t 18
HPING x.x.x.23 (eth0 x.x.x.23): S set, 40 headers + 0 data bytes
TTL 0 during transit from ip=x.x.x.23 name=UNKNOWN
[itimanth@localhost]$ hping2 -S x.x.x.23 -c 1 -p 80 -t 19
HPING x.x.x.23 (eth0 x.x.x.23): S set, 40 headers + 0 data bytes
len=46 ip=x.x.x.23 ttl=240 DF id=44266 sport=80 flags=SA seq=0
win=8190 rtt=335.5 ms
This is the case for the other IP too.
I need to find the actual IP for the device which is at hop 18. I
tried running tcpdump along with hping, but I didnt get any clue about
the IP of that device.
Any bright ideas???
Thanx in advance.
Regards,
Itimanth
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
- Prev by Date: Re: Firewall testing tool - name forgotten ...
- Next by Date: Re: Listing hide files via ftp
- Previous by thread: NASL issues
- Next by thread: RE: Ethical hacker article published
- Index(es):
Relevant Pages
|
