312-50V11 · Question #154
What is the way to decide how a packet will move from an untrusted outside host to a protected inside that is behind a firewall, which permits the hacker to determine which ports are open and if the p
The correct answer is B. Firewalking. Firewalking uses IP TTL manipulation to probe which ports a firewall permits, allowing an attacker to map access control rules without directly reaching the internal host.
Question
What is the way to decide how a packet will move from an untrusted outside host to a protected inside that is behind a firewall, which permits the hacker to determine which ports are open and if the packets can pass through the packet-filtering of the firewall.
Options
- ASession hijacking
- BFirewalking
- CMan-in-the middle attack
- DNetwork sniffing
How the community answered
(29 responses)- A7% (2)
- B86% (25)
- C3% (1)
- D3% (1)
Why each option
Firewalking uses IP TTL manipulation to probe which ports a firewall permits, allowing an attacker to map access control rules without directly reaching the internal host.
Session hijacking is an attack that takes over an already-established authenticated session between two hosts and has nothing to do with probing firewall filtering rules.
Firewalking crafts packets with a TTL set to expire exactly one hop beyond the target firewall gateway. If the firewall's ruleset permits the packet on a given port, it forwards it and a TTL-exceeded ICMP message returns from the next-hop router, confirming the port is open through the filter. If the firewall blocks the port, the packet is dropped silently, producing no response, and this difference in behavior allows an attacker to enumerate permitted ports without ever establishing a connection to the destination host.
A man-in-the-middle attack positions an adversary between two communicating parties to intercept or modify traffic, and does not involve actively probing which ports a firewall allows.
Network sniffing passively captures traffic already traversing a network segment and cannot generate probes to determine which ports are permitted through a firewall.
Concept tested: Firewalking technique for firewall ACL enumeration
Topics
Community Discussion
No community discussion yet for this question.