HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 48 guests and 1 member online
 
Advertisement

You are here: Home arrow Resourcesarrow Tutorialsarrow Where is the router/firewall ??!!!!!
EH-Net
May 22, 2013, 10:51:29 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Where is the router/firewall ??!!!!!  (Read 584 times)
0 Members and 1 Guest are viewing this topic.
Cyber.spirit
Sr. Member
****
Offline Offline

Posts: 351


The World is sick, Save your mind...


View Profile
« on: April 19, 2013, 07:03:03 AM »
Hey my best friends

i am in middle of a pentest for my cousins company and iam using ISSAF according to hackingdojo shodan.
i've done these phases:

-Passive info gathering
-network mapping:
    
  • identifying live hosts (ok)
  • TCP/UDP Port scanning (OK)
  • Banner Grabbing (OK)
  • P/A OS Guessing (OK)

but now i am in identifying router or firewall stage. i performed a traceroute to the target but after some hops i see all stars because those hops doesn't respond to ICMP packets. now what? how can i identify routers?? pLEaaAse help!!
« Last Edit: April 23, 2013, 02:25:14 AM by don » Logged
ICS Academy Network Security Certified
Cyber.spirit
Sr. Member
****
Offline Offline

Posts: 351


The World is sick, Save your mind...


View Profile
« Reply #1 on: April 19, 2013, 08:11:13 AM »
Wait Wait Wait!!!
The problem is solved i have found a 20 range of their public ip address, seven of the are up 5 of that 7 are servers with alot of same configs and 2 of that 7 are Cisco devices there is no open TCP ports on that two but nmap aggressive scanning says tat they are cisco devices

now tell me please

1- how can i find which of them is router or switch?
2- how can i which network they are routing

please help i have complete the project three days later. thanks
Logged
ICS Academy Network Security Certified
Grendel
Full Member
***
Offline Offline

Posts: 242


View Profile WWW
« Reply #2 on: April 19, 2013, 12:00:20 PM »
It may not matter. The purpose of identifying the customer's routers and switches is to see if you can attack an administrative port (ssh, telnet, and/or snmp). Otherwise, just keep moving on.

BTW, we discuss that in the Nidan class.
« Last Edit: April 19, 2013, 12:01:55 PM by Grendel » Logged
- Thomas Wilhelm, MSCS MSM
ISSMP CISSP SCSECA SCNA IEM

Web Site:
Author:
  • Professional Penetration Testing
  • Ninja Hacking
  • Penetration Tester's Open Source Toolkit
  • Metasploit Toolkit for Penetration Testing
  • Netcat Power Tools
Cyber.spirit
Sr. Member
****
Offline Offline

Posts: 351


The World is sick, Save your mind...


View Profile
« Reply #3 on: April 19, 2013, 01:14:45 PM »
Quote from: Grendel on April 19, 2013, 12:00:20 PM
It may not matter. The purpose of identifying the customer's routers and switches is to see if you can attack an administrative port (ssh, telnet, and/or snmp). Otherwise, just keep moving on.

BTW, we discuss that in the Nidan class.

Hi Thomas.
How are you? Thanx for your help i know that, your are right and i don't know cisco hacking but i am really curious to know what those devices are i think they are routers not firewalls but why they dont have any open ports. Anyway thanks i'll go to the next stage
Logged
ICS Academy Network Security Certified
ajohnson
Recruiters
Hero Member
*
Online Online

Posts: 1057


aka dynamik


View Profile WWW
« Reply #4 on: April 19, 2013, 05:37:19 PM »
Switches and routers are Layer-2 and -3 devices, respectively, and do not use TCP or UDP ports to operate. Anything at a higher level than the frame or packet is simply seen as the data payload.
Logged
WIP: GCFA | www.infosiege.net | @infosiege

The day you stop learning is the day you start becoming obsolete.
Cyber.spirit
Sr. Member
****
Offline Offline

Posts: 351


The World is sick, Save your mind...


View Profile
« Reply #5 on: April 20, 2013, 07:14:13 AM »
Quote from: ajohnson on April 19, 2013, 05:37:19 PM
Switches and routers are Layer-2 and -3 devices, respectively, and do not use TCP or UDP ports to operate. Anything at a higher level than the frame or packet is simply seen as the data payload.

Well, Well, yup that is right TCP/UDP ports are for higher levels in osi or tcp/ip models and i already know that. As i mentioned before they are using cisco stuff and It's better to configure your Cisco device to accept the ssh or at-least telnet connections for later configs because the router/switch is in server room there is so cold and it is hard to config the switch using consol cable, that is why i thought it's strange for a router. anway thanks for your info.
Logged
ICS Academy Network Security Certified
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.082 seconds with 23 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.