Firewall penetration testing

[thorin]

skidmarq has a good suggestion. HPING can be pretty handy for doing some sort of firewalk type testing, you can even setup some pretty simple shell scripts to call hping and increment or decrement parameters to automate the process of mapping out the ruleset (or at least try to in some circumstances).

[roybatty]

Ok, then. Let's bend the spoon. Traceroute will help you test firewalls, as well as firewalk. If you are really into it, learn how to use scapy (superb tool).

[Thorn]

... were not all seasoned Pentesting Experts.

Then why are you here?

Id like to add that he has been pointed in the right direction, but this forum could still do to be a bit more friendly. Otherwise people wont be sticking around for long.

I see it as just the opposite. Personally, I'd like to this place to be less friendly to the new users, and promote strictly professional use.

<rant>
Unfortunately, this place is flooded with skriddies who want to "break da neighbor's WEP" and have "school assignments" to do things they clearly haven't been taught in school, and these same subjects come up again and again in posts. Yet there are very few real support posts among the actual pros, like "I'm running into an privilege escalation issue with a client's Uber2000 v2.1 server. The usual wheel changes don't work, and I'm getting an 'Error 900' which is undocumented. Did 2.1 change something that we haven't seen yet?"

Allowing these beginner posts chases away the pros. I'm finding that I'm posting here less and less as time goes on, because of it. In fact, there are a number of professionals here I know that haven't posted in months, who could answer these questions in their sleep, yet they rarely participate here anymore. Why? Well, it could be that they're just busy working, but I suspect that many are just sick and tired of seeing the repeated skriddie posts.
<rant/>

[purehate]

I'll have to agree with thorn once again. I have gotten to the point where I will answer questions about backtrack directly and its installation and configuration but beyond that I am tired of answering the same thing over and over again.

[fancy]

I strictly agree with Thorn too - in all details.
This used to be a forum for professionals - we are not here to educate or teach somebody especially we do not spoonfeed people with information which google will reveal in seconds. And this has nothing to do with arrogance or how some would say, feeling superior !

[thorin]

I'm sure this is obvious but...

Code:

/me agrees with Thorn, purehte, and fancy!

Ok, then. Let's bend the spoon. Traceroute will help you test firewalls, as well as firewalk. If you are really into it, learn how to use scapy (superb tool).

There is no spoon!

I'll raise you TCPTraceroute

[Gitsnik]

I'll raise you TCPTraceroute

I'll see you and raise you lft for really getting into protocol work.

I would like to point out that this thread seems to be degenerating into a "why senior members suck" but from the senior members perspective Not that I don't agree!

Personally, one recommends learning a good deal about every protocol on the stack. I can probably still recall every field in the TCP header (including RFC3514 ) based on all the reading and rereading I did, and the playing with stateful, non-stateful, protocol, application layer etc. work that I did waaaay back when I was learning the majority of this.