stealth ideas to check egress rules on firewall

14 08 2012

To verify egress rules on firewall. we could
1. look at firewall policies
2. ask some employees to help in other words do social engineering
3. guess

The first two approaches are not what I would like to talk today instead I am focusing on guessing technique. A stager of Metasploit called reverse_tcp_allports is one of the nice ideas to do this.
However, if we need more stealth, create a server which responses to any TCP port like 65K Open TCP Ports and watch for our traffic.

“The quieter you become the more you can hear”



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: