Re: how nmap can know my firewalled servers ?



Hey guys,

Fyodor, the author of nmap, demonstrated some hacks like this at his
presentation at Shmoocon (a security conference in washington D.C.).
You can download the presentation at:

http://www.shmoocon.org/schedule.html

Just look through the schedule for Fyodor's name and download the
movie of his presentation. He explains why this works.

Harrison

On 4/12/06, ilaiy <ilaiy.e@xxxxxxxxx> wrote:
Firewalk does a better job at determinig the firewall configuration ..

./thanks
ilaiy

On 4/12/06, Alexey Eremenko <al4321@xxxxxxxxx> wrote:
Hi all !

I know that "nmap" can show open ports. But nmap also shows my
firewalled ports !
How?

Since some servers (like apache) are firewalled with iptables, how can
nmap know wherever
my system run the service with open port, filtered port or doesn't run
it at all ?


-------------------------------------------------------------------------
This List Sponsored by: Webroot

Don't leave your confidential company and customer records un-protected.
Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no
obligation. See why so many companies trust Spy Sweeper Enterprise to
eradicate spyware from their networks.
FREE 30-Day Trial of Spy Sweeper Enterprise

http://www.webroot.com/forms/enterprise_lead.php
--------------------------------------------------------------------------



-------------------------------------------------------------------------
This List Sponsored by: Webroot

Don't leave your confidential company and customer records un-protected.
Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no
obligation. See why so many companies trust Spy Sweeper Enterprise to
eradicate spyware from their networks.
FREE 30-Day Trial of Spy Sweeper Enterprise

http://www.webroot.com/forms/enterprise_lead.php
--------------------------------------------------------------------------



Relevant Pages

  • Re: Password Management
    ... is actually 7 alphanumeric characters... ... Try Webroot's Spy Sweeper Enterprisefor 30 days for FREE with no ... See why so many companies trust Spy Sweeper Enterprise to ... FREE 30-Day Trial of Spy Sweeper Enterprise ...
    (Security-Basics)
  • RE: PenTest Checklist
    ... Penetration Test Sample Report ... Try Webroot's Spy Sweeper Enterprisefor 30 days for FREE with no ... See why so many companies trust Spy Sweeper Enterprise to ... FREE 30-Day Trial of Spy Sweeper Enterprise ...
    (Security-Basics)
  • Re: Password Management
    ... is actually 7 alphanumeric characters... ... Try Webroot's Spy Sweeper Enterprisefor 30 days for FREE with no ... See why so many companies trust Spy Sweeper Enterprise to ... FREE 30-Day Trial of Spy Sweeper Enterprise ...
    (Security-Basics)
  • Re: Password Management
    ... is actually 7 alphanumeric characters... ... Try Webroot's Spy Sweeper Enterprisefor 30 days for FREE with no ... See why so many companies trust Spy Sweeper Enterprise to ... FREE 30-Day Trial of Spy Sweeper Enterprise ...
    (Security-Basics)
  • Re: Failure Audit for Event id 675
    ... Failure Audit for Event id 675 ... Try Webroot's Spy Sweeper Enterprisefor 30 days for FREE with no ... See why so many companies trust Spy Sweeper Enterprise to ... FREE 30-Day Trial of Spy Sweeper Enterprise ...
    (Security-Basics)