
Test ID:1.3.6.1.4.1.25623.1.0.104048
Category:Nmap NSE net
Title:Nmap NSE net: firewalk
Summary:Tries to discover firewall rules using an IP TTL expiration technique known as firewalking.
Description:Summary:
Tries to discover firewall rules using an IP TTL expiration technique known as firewalking.

The scan requires a firewall (or 'gateway') and a metric (or 'target'). For each filtered port on
the target, the script sends a probe with an IP TTL one greater than the number of hops to the gateway. The TTL
can be given in two ways: directly with the 'firewalk.ttl' script argument, or indirectly
with the 'firewalk.gateway' script argument. For 'firewalk.gateway', Nmap must
be run with the '--traceroute' option and the gateway must appear as one of the
traceroute hops.

If the probe is forwarded by the gateway, then we can expect to receive an ICMP_TIME_EXCEEDED reply
from the gateway's next-hop router, or eventually from the target if it is directly connected to the
gateway. Otherwise, the probe will time out. As with UDP scans, this process can be quite slow if many
ports are blocked by the gateway.

From an original idea of M. Schiffman and D. Goldsmith, authors of the firewalk tool.

SYNTAX:

firewalk.ttl: value of the TTL to use. Should be one greater than the
number of hops to the gateway. If both 'firewalk.ttl' and
'firewalk.gateway' are supplied, 'firewalk.gateway' is ignored.

firewalk.gateway: IP address of the tested firewall. Must be present in the traceroute results.

CVSS Score:
0.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:N

Copyright:Copyright (C) 2011 NSE-Script: The Nmap Security Scanner; NASL-Wrapper: Greenbone Networks GmbH


© 1998-2024 E-Soft Inc. All rights reserved.