Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.104048 |
Category: | Nmap NSE net |
Title: | Nmap NSE net: firewalk |
Summary: | Tries to discover firewall rules using an IP TTL expiration technique known as firewalking.;;The scan requires a firewall (or 'gateway') and a metric (or 'target'). For each filtered port on;the target, send a probe with an IP TTL one greater than the number of hops to the gateway. The TTL;can be given in two ways: directly with the 'firewalk.ttl' script argument, or indirectly;with the 'firewalk.gateway' script argument. For 'firewalk.gateway', Nmap must;be run with the '--traceroute' option and the gateway must appear as one of the;traceroute hops.;;If the probe is forwarded by the gateway, then we can expect to receive an ICMP_TIME_EXCEEDED reply;from the gateway next hop router, or eventually the target if it is directly connected to the;gateway. Otherwise, the probe will timeout. As for UDP scans, this process can be quite slow if lots;of ports are blocked by the gateway.;;From an original idea of M. Schiffman and D. Goldsmith, authors of the firewalk tool.;;SYNTAX:;;firewalk.ttl: value of the TTL to use. Should be one greater than the;number of hops to the gateway. In case both 'firewalk.ttl' and;'firewalk.gateway' IP address are;supplied, 'firewalk.gateway' is ignored.;;;;firewalk.gateway: IP address of the tested firewall. Must be present in the traceroute results. |
Description: | Summary: Tries to discover firewall rules using an IP TTL expiration technique known as firewalking. The scan requires a firewall (or 'gateway') and a metric (or 'target'). For each filtered port on the target, send a probe with an IP TTL one greater than the number of hops to the gateway. The TTL can be given in two ways: directly with the 'firewalk.ttl' script argument, or indirectly with the 'firewalk.gateway' script argument. For 'firewalk.gateway', Nmap must be run with the '--traceroute' option and the gateway must appear as one of the traceroute hops. If the probe is forwarded by the gateway, then we can expect to receive an ICMP_TIME_EXCEEDED reply from the gateway next hop router, or eventually the target if it is directly connected to the gateway. Otherwise, the probe will timeout. As for UDP scans, this process can be quite slow if lots of ports are blocked by the gateway. From an original idea of M. Schiffman and D. Goldsmith, authors of the firewalk tool. SYNTAX: firewalk.ttl: value of the TTL to use. Should be one greater than the number of hops to the gateway. In case both 'firewalk.ttl' and 'firewalk.gateway' IP address are supplied, 'firewalk.gateway' is ignored. firewalk.gateway: IP address of the tested firewall. Must be present in the traceroute results. CVSS Score: 0.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:N |
Copyright | Copyright (C) 2011 NSE-Script: The Nmap Security Scanner; NASL-Wrapper: Greenbone Networks GmbH |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |