At 11/1/2002 03:28 AM, d_fence wrote: >I read sometime ago about bypassing the firewall filters which block incoming >(initializing) SYN packets, by sending for example a SYN-FIN packet and >establishing that way a connection to a blocked port.. Now I`m trying to >check wether my firewall would let through such packets, and so I`m searching >for a tool which would does this.. Do you know any such tools? This seems too obvious, but.... How about Fyodor's nmap? You can obtain it from http://www.insecure.org/nmap. One of the options for scanning is -sF, which will send SYN-FIN packets. You can also use -sA, which will send SYN-ACK packets. There are also tools like hping (http://www.hping.org) which can be used to test your firewall in a similar manner. Michael Katz mikeat_private Procinct Security
This archive was generated by hypermail 2b30 : Sun Nov 03 2002 - 10:15:50 PST