-
December 27th, 2003, 05:46 AM
#1
Senior Member
Bypassing the firewall
is there a way to bypass a firewall to detect the internal network. using tools like nmap and nessus
here is what i get when i try to scan a target that uses a firewall
Starting nmap 3.48 ( http://www.insecure.org/nmap/ ) at 2003-12-26 21:44 EST
Note: Host seems down. If it is really up, but blocking our ping probes, try -P0Nmap run completed -- 1 IP address (0 hosts up) scanned in 16.064 seconds
yet when i ping the target i get this
bash-2.05b# ping 204.118.xxx.xxx
PING 204.118.xxx.xxx (204.118.xxx.xxx) 56(84) bytes of data.
64 bytes from 204.118.xxx.xxx: icmp_seq=5760 ttl=50 time=62.3 ms
64 bytes from 204.118.xxx.xxx: icmp_seq=5761 ttl=50 time=64.3 ms
64 bytes from 204.118.xxx.xxx: icmp_seq=5762 ttl=50 time=62.3 ms
64 bytes from 204.118.xxx.xxx: icmp_seq=5763 ttl=50 time=61.3 ms
-
December 27th, 2003, 05:54 AM
#2
Member
How do we know that you are not auditing your computer. You cant have a job because you are under 13. So you dont have many comps to work around. So why do you want to bypass a firewall???
There are 10 kinds people on Earth.
Those who know Binary and those who dont.
[flip]4675636B207468652064616D6E20626C6F6F6479206861636B65642D757020776F726C6400[/flip]
-
December 27th, 2003, 06:10 AM
#3
You're under 13 god? Hmm, they start early these days.
Couple of things to look at:
- Can you traceroute to the host? If not what hop does the traceroute die at? Also try a tracert from
a Windows box as it uses ICMP instead of TCP to do the trace. (You can also try 'pathping' if you
have an XP box handy)
- Read the NMAP Docs, there is some really good firewall related scanning material in there.
- Try doing a slower scan (explained in the NMAP Docs), many networks with a good IDS implemented
will just drop your traffic if you are doing anything too agressive.
- If you don't know the network, _always_ assume there is one or more NIDS (possibly on the border routers, and the target gateway).
You can determine for certain the presence of a NIDS later, but these days this assumption is a safe bet.
Just be cool with your scans, a lot of people get pissed about them (for good reason), so keep that in mind.
-- spurious
[Edit] This is a valid security question, and whomever gave god neg's, a piece of coal to you.
Get OpenSolaris http://www.opensolaris.org/
-
December 27th, 2003, 07:07 AM
#4
Senior Member
thanks spurious_inode, i am not sure about the 13 thing this is not my age, and from where did you get that from leapinglangoor.
-
December 27th, 2003, 07:14 AM
#5
This is not the place to be asking these types of questions!
is there a way to bypass a firewall to detect the internal network. using tools like nmap and nessus
here is what i get when i try to scan a target that uses a firewall
I think xmaddness says it best
We are a community that is here to help teach people how to secure their networks, not how to hack into them.
These types of questions normally get negged What your asking is pretty much assist you in a malicious act. Hope this helps Computer Nerd22
-
December 27th, 2003, 07:25 AM
#6
Senior Member
i am not trying to hack anything, i am just asking is it possible??
-
December 27th, 2003, 07:30 AM
#7
I have a problem with the basic idea that if someone asks a question that involves real security as does
this post, the legions of neg-happy hordes all come out of the woods to dish out little red dots. This is total
bullshit. What is it about actual security realted topics, like how to scan through a firewall, etc. that scares
people; this is a security site correct?
Face it folks, real security involves things like firewall testing and other things that go bump in the night.
-- spurious
Get OpenSolaris http://www.opensolaris.org/
-
December 27th, 2003, 09:59 AM
#8
Member
Look at your profile, it says "AntiOnline Jr. Member" --- You are under 13 if your birth year is above 1990.
There are 10 kinds people on Earth.
Those who know Binary and those who dont.
[flip]4675636B207468652064616D6E20626C6F6F6479206861636B65642D757020776F726C6400[/flip]
-
December 27th, 2003, 10:12 AM
#9
I assume you are kidding. If not, please note that 'AntiOnline Jr. Member' is a title in reference to the number of
posts that the member has made. I am 32, and my title is 'AntiOnline Jr. Member' because I have not yet reached
170 posts.
Honest mistake since the the sign-up makes the distiction between >= 13 and <= 13.
-- spurious
Get OpenSolaris http://www.opensolaris.org/
-
December 27th, 2003, 03:44 PM
#10
Senior Member
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|