hmmm.... we'll....you can't tell anything from port 80 (http) coz (by the sounds of things) the firewall is configured to let that traffic thru (probably).
now, you could sniff to see what other connections you can make (21 etc) but, if you make a connection or get some sorta reading back on a port then this doesn't prove or deny the existance of a firewall (coz the firewall could be configured to let those pckts thru). A better approach would be to fingerprint the os of the webserver (from info from port 80) and then compare that to the finger print your getting back from responses from other ports (e.g. an os has its on peculiar quirks in handshaking tcp/ip - its these quirks which all OSs to be fingerprinted based on tcp/ip behaviour). If the finger print for all ports (including odd ones which a firewall wont be configured to allow thru) match then might be able to say there is no firewall. NMAP would probably be a better option joel -----Original Message----- From: Fred Sahakian [mailto:[EMAIL PROTECTED]] Sent: 17 April 2002 20:37 To: >; > Subject: Firewall Anyone know of a perl script that can determine if a website is actually behind a firewall? thanks! -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
