From: rudrak at gmail.com (Rudra Kamal Sinha Roy)
Subject: Help with Firewalk

Dear anamika,
Firstly, firewalk attempts to determine what transport protocols a
given gateway will let through. The firewalk scan works by sending out
TCP or UDP packets with an IP TTL one greater than the targeted
gateway. If the gateway allows the traffic, it will forward the
packets to the next hop where they will expire and elicit a TTL
exceeded in transit message. If the gateway host does not allow the
traffic, it will likely drop the packets on the floor and we will see
no response. So it might be that your gateway needs some
configuration (depending on the architecture you have) before you
go get blowing with your firewalk :)

Secondly, to work its magic, firewalk has two phases: a network
discovery phase and a scanning phase. Initially, to get the correct
IP TTL (that will result in expired packets one beyond the gateway) we
need to 'ramp up' hop counts. We do TTL ramping in the same manner
that traceroute works, sending packets out with successively
incremented IP TTLs towards the destination host. Once we know the
gateway hopcount (at that point the scan is 'bound') we can move on to
the next phase, the actual scan, which is actually very simple.

Hope this will benefit you.

Rudra
-- 
Rudra kamal Sinha Roy
iViZ Techno Solutions Pvt. Ltd
IIT Kharagpur

On 23 Mar 2005 02:36:52 -0000, anamika <sonianamikasoni@...iffmail.com> wrote:
> __________________________________ 
> We would change the world... 
> but GOD wont give us the source code. 
> ---------- Forwarded message ----------
> From: "anamika" <sonianamikasoni@...iffmail.com>
> To: full-disclosure@...ts.grok.org.uk, pen-test@...urityfocus.com,
> dunceor@...il.com
> Date: 
> Subject: Help with Firewalk
> 
> 
> Hello,  
>   
>   I'm working on a project that uses Firewalk. 
> 
>   My system comprises a few machines in a LAN, all using RH9... one is
> installed as a server and the others as personal workstations...
> 
> Basically, whenever I try to run Firewalk on my system (which uses RH9) I get
> the following output:
> 
>   Firewalk 5.0 [gateway ACL scanner]
>   fw_init_network(): route_get()
> 
>   Total packets sent:                0
>   Total packet errors:              0
>   Total packets caught              0
>   Total packets caught of interest  0
>   Total ports scanned                0
>   Total ports open:                  0
>   Total ports unknown:              0
> 
> I cannot understand where I am going wrong.... I guess you all have used
> Firewalk before... Please help me out here...
> 
> Awaiting your reply eagerly, 
> 
> Anamika
>
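
The two phases described in the reply above, modelled offline as an added example; it is not part of the original thread and not Firewalk's own code, and it sends no packets. The path, addresses, ACL, intended policy and all function names are constructed assumptions.

```python
# Offline model of the two firewalk phases; nothing is sent on the wire.
# PATH, GATEWAY, ACL_ALLOW, INTENDED and all function names are constructed.
PATH = ["10.0.0.1", "10.0.1.1", "192.0.2.1", "192.0.2.254", "198.51.100.10"]
GATEWAY = "192.0.2.1"                                 # hop whose ACL is audited
ACL_ALLOW = {("tcp", 22), ("tcp", 80), ("udp", 53)}   # what it really forwards
INTENDED = {("tcp", 22), ("tcp", 80)}                 # what policy says it should

def send_probe(ttl, proto, port):
    """Return the reply the sender would see, or None for silence."""
    for hop in PATH[:-1]:
        ttl -= 1
        if ttl == 0:                                  # expired at this hop
            return ("ttl-exceeded", hop)
        # Model assumption: expiry is handled before the ACL is consulted.
        if hop == GATEWAY and (proto, port) not in ACL_ALLOW:
            return None                               # dropped on the floor
    return ("delivered", PATH[-1])

def ramp(proto, port, max_ttl=30):
    """Phase 1: raise the TTL like traceroute until the gateway answers."""
    for ttl in range(1, max_ttl + 1):
        if send_probe(ttl, proto, port) == ("ttl-exceeded", GATEWAY):
            return ttl                                # scan is now 'bound'
    return None

def scan(gateway_hops, probes):
    """Phase 2: probe with TTL = gateway hop count + 1."""
    results = {}
    for proto, port in probes:
        reply = send_probe(gateway_hops + 1, proto, port)
        results[(proto, port)] = "forwarded" if reply else "no response"
    return results

def policy_drift(results):
    """Ports the gateway forwards although the intended policy omits them."""
    return sorted(k for k, v in results.items()
                  if v == "forwarded" and k not in INTENDED)

def arrival_ttl_at_gateway(sent_ttl):
    """TTL a probe carries on reaching the gateway (input for detection rules)."""
    return sent_ttl - PATH.index(GATEWAY)

if __name__ == "__main__":
    bound = ramp("udp", 33434)
    res = scan(bound, [("tcp", 22), ("tcp", 23), ("tcp", 80), ("udp", 53)])
    print(bound, res, policy_drift(res), arrival_ttl_at_gateway(bound + 1))
```

Silence in the scan phase is only a likely drop, as the reply says; packet loss and ICMP rate limiting produce the same result and are left out of this model.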
