lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <d455122c05032222467b60a57f@mail.gmail.com>
From: rudrak at gmail.com (Rudra Kamal Sinha Roy)
Subject: Help with Firewalk

Dear anamika,
Firstly firewalk  attempts to determine what transport protocols a
given gateway will let through. The firewalk scan works by sending out
TCP or UDP packets with an IP TTL one greater then the targeted
gateway. If the gateway allows the traffic, it will forward the
packets to the next hop where they will expire and elicit a TTL
exceeded in transit message. If the gateway host does not allow the
traffic, it will likely drop the packets on the floor and we will see
no response. So mightbe your gateway needs some
configuration(depending on the architecture) you are having before you
go get blowing with your firewalk :)

Secondly to work its magic, firewalk has two phases, a network
discovery phase, and a scanning phase. Initially, to get the correct
IP TTL (that will result in expired packets one beyond the gateway) we
need to 'ramp up' hop counts. We do TTL ramping in the same manner
that traceroute works, sending packets out with successively
incremented IP TTLs, towards the destination host. Once we know the
gateway hopcount (at that point the scan is 'bound') we can move onto
the next phase, the actual scan which is actually very simple.

Hope this will benefit you.

Rudra
-- 
Rudra kamal Sinha Roy
iViZ Techno Solutions Pvt. Ltd
IIT Kharagpur

On 23 Mar 2005 02:36:52 -0000, anamika <sonianamikasoni@...iffmail.com> wrote:
> 
> 
>   
> 
> 
> 
> __________________________________ 
> We would change the world... 
> but GOD wont give us the source code. 
> 
> 
> 
>  
> 
> ---------- Forwarded message ----------
> From: "anamika" <sonianamikasoni@...iffmail.com>
> To: full-disclosure@...ts.grok.org.uk, pen-test@...urityfocus.com,
> dunceor@...il.com
> Date: 
> Subject: Help with Firewalk
> 
> 
> Hello,  
>   
>   I'm working on a project that uses Firewalk. 
> 
>   My system comprises of few machines in a LAN all using RH9... one is
> installed as a server and others as personal workstation...
> 
> Basically whenever I try to run Firewalk on my system (which uses RH9) I get
> foll output:
> 
>   Firewalk 5.0 [gateway ACL scanner]
>   fw_init_network(): route_get()
> 
>   Total packets sent:                0
>   Total packet errors:              0
>   Total packets caught              0
>   Total packets caught of interest  0
>   Total ports scanned                0
>   Total ports open:                  0
>   Total ports unknown:              0
> 
> I cannot understand where I am going wrong.... I guess you all have used
> Firewalk before... Please help me out here...
> 
> Awaiting your reply eagerly, 
> 
> Anamika __________________________________ 
> We would change the world... 
> but GOD wont give us the source code. 
> 
> 
> 
>  
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ