From: Itimanth K (itimanth@gmail.com)
Date: Thu Mar 15 2007 - 00:08:16 EST
Dear list,
Recently we have started working on a black box pen test. And I think
that the IP's which we are given are behind a SPI firewall.
Lets say these are the IP's which my client gave me
x.x.x.23
x.x.x.24
when I try to do hping on them, this is what I get
[itimanth@localhost]$ hping2 -S x.x.x.23 -c 1 -p 80 -t 18
HPING x.x.x.23 (eth0 x.x.x.23): S set, 40 headers + 0 data bytes
TTL 0 during transit from ip=x.x.x.23 name=UNKNOWN
[itimanth@localhost]$ hping2 -S x.x.x.23 -c 1 -p 80 -t 19
HPING x.x.x.23 (eth0 x.x.x.23): S set, 40 headers + 0 data bytes
len=46 ip=x.x.x.23 ttl=240 DF id=44266 sport=80 flags=SA seq=0
win=8190 rtt=335.5 ms
This is the case for the other IP too.
I need to find the actual IP for the device which is at hop 18. I
tried running tcpdump along with hping, but I didnt get any clue about
the IP of that device.
Any bright ideas???
Thanx in advance.
Regards,
Itimanth
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:40 EDT