Friday, 1 February 2013

Firewalk



Firewalk, developed by Mike Schiffman and Dave Goldsmith, furthers the techniques used both by static port traceroutes and hping. It can be used to scan a host downstream from a security gateway to assess what rules relate to the target system, without any packets having to reach it. Firewalk utilizes the TTL function to send packets with a TTL set to expire one hop past the identified security gateway.

• If the packet is passed by the firewall, a TTL expired message should be received.
• If the packet is blocked by the firewall, this could show up as either of the following:
  • An ICMP administratively prohibited response is received.
  • The packet is dropped without comment.

Again, uncertainty is introduced through packets lost in transit. Some security gateways will detect that the packet is due to expire and send the expired message whether the policy would have allowed the packet or not.
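The same TTL behaviour gives a gateway operator something to look for. The following is an added example, not part of the original post or of Firewalk: it flags sources that send packets timed to expire one hop past the gateway across many destination ports, while leaving an ordinary traceroute alone. The log format, addresses and threshold are constructed assumptions.

```python
from collections import defaultdict

# A packet that reaches the gateway with TTL 2 is forwarded with TTL 1 and
# expires at the next hop, i.e. one hop past the gateway.
EXPIRY_TTL_AT_GATEWAY = 2
MIN_DISTINCT_PORTS = 5  # assumed threshold; tune per environment

# Constructed sample log (assumed format): src dst proto dport ttl_on_arrival
SAMPLE_LOG = """\
198.51.100.7 192.0.2.10 tcp 21 2
198.51.100.7 192.0.2.10 tcp 22 2
198.51.100.7 192.0.2.10 tcp 23 2
198.51.100.7 192.0.2.10 tcp 25 2
198.51.100.7 192.0.2.10 tcp 80 2
198.51.100.7 192.0.2.10 tcp 443 2
203.0.113.20 192.0.2.10 tcp 443 55
203.0.113.20 192.0.2.10 tcp 80 55
203.0.113.99 192.0.2.10 udp 33440 2
203.0.113.99 192.0.2.10 udp 33441 2
203.0.113.99 192.0.2.10 udp 33442 2
"""


def parse(line):
    """Split one log record into typed fields."""
    src, dst, proto, dport, ttl = line.split()
    return src, dst, proto, int(dport), int(ttl)


def find_firewalk_sources(log_text, min_ports=MIN_DISTINCT_PORTS):
    """Map (src, dst) -> sorted probed (proto, port) pairs for sources that
    sent expiring-TTL packets to at least min_ports distinct ports."""
    probed = defaultdict(set)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        src, dst, proto, dport, ttl = parse(line)
        if ttl == EXPIRY_TTL_AT_GATEWAY:
            probed[(src, dst)].add((proto, dport))
    return {k: sorted(v) for k, v in probed.items() if len(v) >= min_ports}


if __name__ == "__main__":
    for (src, dst), ports in find_firewalk_sources(SAMPLE_LOG).items():
        print(f"{src} -> {dst}: {len(ports)} ports probed with expiring TTL")
```

The third source in the sample is a UDP traceroute passing through the same hop: it also arrives with TTL 2 but touches only three ports, which is why the threshold matters.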
