The FIN scanning method (presented in Phrack Magazine 49, article 15),
where you can scan for open ports on a host behind a packet-filtering
firewall even though your rules deny it, is certainly working on
Checkpoint ver. 2.1(a), but I wonder if anyone has experience with
other firewall software or versions of software (packet-filtering, do I
have to mention that again?)?
I know that the behavior is possible because of a bug in the BSD netcode
which most UNIX-systems today seem to run but I have not heard of any
patches (Alan Cox, are you still alive?). Should I look for patches for
my O.S or for my firewall software?
Are Ciscos vulnerable with IOS-versions below 11? I have heard
Please, I don't want tons of mail asking "how do you do that?" or "do you
have the source code?" If you are interested in how it works (and it
works well), read the article at
http://www.infowar.com/iwftp/Phrack/Phrack49/P49-15.txt which deals with
the details. You can also try nmap, which is in Phrack Magazine 51,
article 11, and is a great scanning program which supports more
scanning methods! It's also VERY fast!
Keep up the good work, Fyodor!!!
Name: Robert Ståhlbrand
Company: Ericsson Telecom AB
Company-Address: Flöjelbergsvägen 1C, Box 333
Zip-Code: 431 24 Mölndal
Phone Number: +46 31 747 6162
Fax Number: +46 31 747 3777
Email: robert .
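
An added example, not part of the original post: a sketch of why a bare FIN segment can pass a packet filter whose rules deny only connection-opening SYN segments, next to a state-aware check that drops it. Both filter functions, their names, and the sample headers are hypothetical and constructed for illustration; they do not describe any specific product's rule engine.

```python
import struct

FIN, SYN, RST, ACK = 0x01, 0x02, 0x04, 0x10

def tcp_header(sport, dport, flags):
    """Build a 20-byte TCP header (constructed sample input; checksum left at 0)."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)

def parse(segment):
    """Return (source port, destination port, flag bits) from a raw TCP header."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    sport, dport = struct.unpack("!HH", segment[:4])
    return sport, dport, segment[13] & 0x3F

def is_fin_probe(segment):
    """FIN set while SYN, RST and ACK are all clear: not part of a normal close."""
    flags = parse(segment)[2]
    return bool(flags & FIN) and not (flags & (SYN | RST | ACK))

def syn_only_filter(segment):
    """Hypothetical stateless rule: deny only connection openers (SYN without ACK)."""
    flags = parse(segment)[2]
    return "drop" if (flags & SYN) and not (flags & ACK) else "pass"

def state_aware_filter(segment, established):
    """Hypothetical hardened rule: pass only segments of tracked connections
    that carry ACK or RST, as every segment after the handshake does."""
    sport, dport, flags = parse(segment)
    if (sport, dport) not in established or not (flags & (ACK | RST)):
        return "drop"
    return "pass"

if __name__ == "__main__":
    established = {(80, 40001)}  # constructed: reply path of one outbound connection
    samples = {
        "bare FIN to port 23": tcp_header(40000, 23, FIN),
        "SYN to port 23": tcp_header(40000, 23, SYN),
        "FIN|ACK closing tracked flow": tcp_header(80, 40001, FIN | ACK),
    }
    for name, seg in samples.items():
        print(f"{name:30} syn_only={syn_only_filter(seg):4} "
              f"state_aware={state_aware_filter(seg, established):4} "
              f"fin_probe={is_fin_probe(seg)}")
```

The same `is_fin_probe` test can be applied to captured headers in an IDS or log pipeline to flag FIN segments that arrive without ACK.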