Orange County Computer Consultant

My photo
Orange County Computer Consultant helps small businesses with networking, installations and small business software.

Wednesday, August 31, 2005

Open Source Security

Last night I played with Nessus which is a good vulnerabilty scanner. I also messed with Nmap and its graphical front end. I read alot about TCP, IP, UDP, and SYN, ACK, FIN Flags and different responses. I analyzed network protcols with EtherApe. It is even possible to craft packets to contain any source, destination port, or tunnel through any port i.e. 80. For instance if firewall blocks everything except the internet it is possible to tunnel to port 80 and issue commands as long as it is acting as a server. more on this later.