The first problem is that you won't be able to connect to it via IPX/SPX over the internet. If you're on the local wire, that is a different story, however. For IPX/SPX attack info, check out Nimrod Mobile Research Centre (www.nmrc.org), and I can attest that you'll find the protocol is far less secure. That said, you'll also find that it's remarkably different from TCP/IP in many ways. Some of the good news includes that it's fantastically simple (technically speaking; the sequence numbers are limited and even usually sequential) to hijack connections, and some of the bad news is that it's so different from TCP/IP that you may not find it easy to exploit. On Mon, 2002-07-15 at 08:03, st0ff st0ff wrote: > hello, > i have to pentest a nt client. there is tcp/ip as well > as ipx/spx installed. An ip-filter prevents accessing > the box using tcp/ip. is there a possibility to do it > over ipx? are there scanner-tools available like nmap? > > thanks 4 all answers > > if0ff > > __________________________________________________ > Do You Yahoo!? > Yahoo! Autos - Get free new car price quotes > http://autos.yahoo.com > > ---------------------------------------------------------------------------- > This list is provided by the SecurityFocus Security Intelligence Alert (SIA) > Service. For more information on SecurityFocus' SIA service which > automatically alerts you to the latest security vulnerabilities please see: > https://alerts.securityfocus.com/ > ################################################################# ################################################################# ################################################################# ##### ##### ##### ################################################################# ################################################################# ################################################################# ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Mon Jul 15 2002 - 11:00:20 PDT