312-50V13 · Question #49
What is the way to decide how a packet will move from an untrusted outside host to a protected inside that is behind a firewall, which permits the hacker to determine which ports are open and if the p
The correct answer is B. Firewalking. The technique described, where an attacker uses crafted packets to determine open ports and firewall rules from an untrusted network, is called firewalking.
Question
Options
- ASession hijacking
- BFirewalking
- CMan-in-the middle attack
- DNetwork sniffing
How the community answered
(33 responses)- B94% (31)
- C3% (1)
- D3% (1)
Why each option
The technique described, where an attacker uses crafted packets to determine open ports and firewall rules from an untrusted network, is called firewalking.
Session hijacking involves taking control of an established communication session between two legitimate parties.
Firewalking is a technique used by attackers (or penetration testers) to map out a firewall's rule set and determine which ports are open and which protocols are allowed to pass through it to internal networks. This is typically done by sending packets with a TTL (Time To Live) value crafted to expire just past the firewall, causing an ICMP "Time Exceeded" message if the firewall allows the packet to pass.
A man-in-the-middle (MITM) attack involves an attacker secretly relaying and possibly altering the communication between two parties who believe they are communicating directly.
Network sniffing involves passively capturing and analyzing network traffic.
Concept tested: Firewall rule set mapping (firewalking)
Topics
Community Discussion
No community discussion yet for this question.