Hello > 1) How do I determine the router and firewall IPs and > type of firewalls/router used? > Have you tried the -O option of NMAP, that could at least give you a guess of the OS on which the firewall is running, and at best, the type of firewall > 2) How can I bypass the firewall to exploit the open > ports on the servers? The only thing I can think of here is to use packet fragmentation. That worked in the past, but more an more firewalls have fixed the problem > > 3) How can I exploit secured (SSL) web server? > I would think the same way you would do a not secure one. For example, you can still attempt unicode exploits, wether it is https or not, just replace http by https. Unless they use authentication as well... > Appreciate any useful information from anyone out > there........ > > Thanks, > Niumal > > > ===== > Niumal Weerasena > Mobile : +6 012 - 2112654 > Email : niumalat_private > > __________________________________________________ > Do You Yahoo!? > NEW from Yahoo! GeoCities - quick and easy web site hosting, > just $8.95/month. > http://geocities.yahoo.com/ps/info1 > > -------------------------------------------------------------- > -------------- > This list is provided by the SecurityFocus Security > Intelligence Alert (SIA) > Service. For more information on SecurityFocus' SIA service which > automatically alerts you to the latest security > vulnerabilities please see: > https://alerts.securityfocus.com/ > > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Wed Oct 10 2001 - 08:09:18 PDT