To scan a host downstream from a security gateway, Firewalking:
A . Sends a UDP-based packet that it knows will be blocked by the firewall to determine how specifically the firewall responds to such packets
B . Uses the TTL function to send packets with a TTL value set to expire one hop past the identified security gateway
C . Sends an ICMP ”administratively prohibited” packet to determine if the gateway will drop the packet without comment.
D . Assesses the security rules that relate to the target system before it sends packets to any hops on the route to the gateway
Answer: B
Explanation:
Firewalking uses a traceroute-like IP packet analysis to determine whether or not a particular packet can pass from the attacker’s host to a destination host through a packet-filtering device. This technique can be used to map ‘open’ or ‘pass through’ ports on a gateway. More over, it can determine whether packets with various control information can pass through a given gateway.
Leave a Reply