Firewalk

Presented at Black Hat USA 1999, July 8, 1999, 1:30 p.m. (60 minutes)

Firewalking uses a traceroute-like IP packet analysis to determine whether or not a particular packet can pass from the attacker's host to a destination host through a packet-filtering device. This technique can be used to map 'open' or 'pass through' ports on a gateway. More over, it can determine whether packets with various control information can pass through a given gateway. Also, using this technique, an attacker can map routers behind a packet-filtering device.

Presenters:

• Mike Schiffman - Senior Security Consultant, Internet Security Systems.
  Mike Schiffman has lectured across the country and overseas to technical and management audiences on network vulnerabilities, auditing and Internet penetration techniques. While at Cambridge Technology Partners, as senior security architect, he along with David Goldsmith developed "firewalk", a new technique for scanning packet forwarding devices and mapping networks. Some of his audit and penetration test clients include multinational financial and industrial institutions, television studios and fine German automobile corporations. He has also been a principal instructor for New Dimensions International on various network security topics. The clients and class participants have included the NSA, FBI, CIA, members of the defense and space industry, NASA as well as various members of the commercial industry. Mike is currently a senior security consultant with Internet Security Systems and is an associate faculty member for NDI. In his spare time he publishes and writes articles for a hobbyist computer security journal.

Similar Presentations:

• VB2018 / The missing link in the chain? Android network analysis
• Black Hat USA 2020 Virtual / EtherOops: Exploring Practical Methods to Exploit Ethernet Packet-in-Packet Attacks
• ToorCon San Diego 12 (2010) / Introduction to Packet Capture Analysis