Perimeter Security
Results 1 to 4 of 4

Thread: Perimeter Security

  1. #1
    Member
    Join Date
    Aug 2004
    Posts
    95

    Unhappy Perimeter Security

    I am new to security, some one asked me this question. I thought you can help me.

    Perimeter device identification

    >> When ping is not working in the destination, and when you dont know the server is on/off, what do you do?

    Try to
    Telnet 21,23,25,80,110 etc.,
    try nmap with various types of port scannig.,
    try sniffing if it is local network and IDS is not present.,

    If the the target is away in a different network with perimeter device installed, how do you find wether it is ON/OFF & the periemter device which is protecting it?

    Is there any tool or tutorial, if there is something please help me.

    anban

  2. #2
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    Usually you can scan for specific ports.

    I have found that if you do a basic nmap command such as nmap -sS ip it comes back as no computer being there. But if you do a nmap -sS -P <port number here> ip it usually comes back as say


    port 80 HTTP Filtered

    Thats one way I know Port 80 is usually almost there so it should be active unless the administrator is blocking traffic on port 80 and routing it to a different port.
    =

  3. #3
    Member
    Join Date
    Aug 2004
    Posts
    95
    When some perimeter device like firewall is present, it will block nmap (MS XP SP2). How do we go about it?

    How do we find what firewall it is?

  4. #4
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255

    Re: Perimeter Security

    Originally posted here by anban
    If the the target is away in a different network with perimeter device installed, how do you find wether it is ON/OFF & the periemter device which is protecting it?
    Well, if it's properly done, there's no way, however you could play with a tool like hping2 to increase the TTL on a standard TCP packet until you see a difference between when it gets dropped and when it doesn't. You might also google 'network fingerprinting' and 'firewall fingerprinting' and such to see if you can find a tutorial on doing it without something like NMAP.

    Originally posted here by cheyenne1212
    Usually you can scan for specific ports.
    I have found that if you do a basic nmap command such as nmap -sS ip it comes back as no computer being there. But if you do a nmap -sS -P <port number here> ip it usually comes back as say
    port 80 HTTP Filtered
    Thats one way I know Port 80 is usually almost there so it should be active unless the administrator is blocking traffic on port 80 and routing it to a different port.
    If they are blocking pings, the above will probably not work, you'd need to add the -P0 flag to tell nmap to not try pinging the host first. If you use just a TCP/80 SYNSCAN it should probably work, or at least, tell you that it's filtered.

    Scanning remote networks that are firewalled can be tricky. It's very difficult to know the network layout, and frequently a lot of assumptions are made during the enumeration process.
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    \"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •