This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
network_security_assesment [2009/06/08 03:02] k2patel |
network_security_assesment [2009/06/08 03:36] k2patel |
||
---|---|---|---|
Line 426: | Line 426: | ||
[-t (to|through|both)] [-b host<:host ...>] | [-t (to|through|both)] [-b host<:host ...>] | ||
[-a host<:host ...>] <hosts> | [-a host<:host ...>] <hosts> | ||
+ | </code> | ||
+ | LSRTunnel. LSRTunnel spoofs connections using source-routed packets. For the tool\\ | ||
+ | to work, the target host must reverse the source route (otherwise the user will not see\\ | ||
+ | the responses and be able to spoof a full TCP connection). LSRTunnel requires a\\ | ||
+ | spare IP address on the local subnet to use as a proxy for the remote host.\\ | ||
+ | Running LSRTunnel with no options shows the usage syntax: | ||
+ | <code bash> | ||
+ | $ lsrtunnel | ||
+ | usage: lsrtunnel -i <proxy IP> -t <target IP> -f <spoofed IP> | ||
</code> | </code> | ||
+ | |||
+ | == Using Specific Source Ports to Bypass Filtering == | ||
+ | information regarding circumvention of Firewall-1 in certain\\ | ||
+ | configurations, consult the excellent presentation from Black Hat Briefings 2000 by\\ | ||
+ | Thomas Lopatic et al. titled “A Stateful Inspection of Firewall-1” available as a Real\\ | ||
+ | Media video stream and PowerPoint presentation from [[ http://www.blackhat.com/html/bh-usa-00/bh-usa-00-speakers.html | Link]] | ||
[[91]] | [[91]] |