[ISN] ies2.net security advisory - gateway port scanning [firewalk]

From: mea culpa (jerichot_private)
Date: Thu Oct 29 1998 - 17:23:08 PST

  • Next message: mea culpa: "[ISN] Old Laws Work against New Crime"

    Forwarded From: "Dave G." <dhgt_private>
    es2.net security advisory                   [CTP enterprise security services]
    title    : gateway port scanning (firewalk)
    docket   : 98-01
    type     : tool/technique
    severity : NIL
    authors  : Mike D. Schiffman <mdst_private>, David H. Goldsmith <dhgt_private>
    A traceroute-like analysis of IP packet responses to determine gateway ACLs
    Firewalking uses traceroute-like IP packet analysis to determine whether or
    not a particular packet can pass from an attacker's host to a destination
    host through a packet-filtering device.  This technique can be used to map
    'open' or 'pass through' ports on a gateway.  More over, it can determine
    whether packets with various control information can pass through a given
    gateway.  Also, using this technique, an attacker can map routers behind a
    packet-filtering device.
    For the complete whitepaper and code:
    Contents of the advisory are Copyright (c) 1998 Cambridge Technology Partners
    Enterprise Security Services, Inc.  Distribution is unlimited under the
    condition that due credit is given and no fee is charged.
    ESS is a division of Cambridge Technology Partners, Inc.
    | Mike D. Schiffman <mdst_private>
    | Cambridge Technology Partners, Enterprise Security Services
    | What Wondrous Cerebration.
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:09:25 PDT