In the footprinting or reconnaissance phase, a penetration tester collects as much information as possible about the target machine. The primary purpose of this phase is to gather intelligence so that you can conduct an effective penetration test. At the end of this phase, you are expected to have a list of IP addresses for your target machine that you can scan later on.
Many small-scale businesses do not use a firewall as their first line of defense against web attacks on their internal network. Instead, they place a router between the Internet and the internal network to control incoming and outgoing traffic flow; a router used this way is known as a screening router. In fact, configuring ACLs inside a router can be a viable and effective solution to deny any incoming malicious packets to your LAN. If you have to test a network router that is used as a screening router, then you have to identify the type of router and its features. List all the ACL policies and the types of data packets that are permitted to enter your network. What are the router's responses to various types of incoming traffic? Finally, list all the live systems. The following is the list of activities that you have to perform to test a screening router:
1. Identify router type
2. List NAT, if there is any
3. Test the TTL settings by using port scanning
4. Test all the ACLs in the router
5. Verify whether address spoofing is being detected by the router
6. Test inverse scanning
7. Check whether the router is filtering local traffic (egress filtering)
8. How the router handles small-size packets
9. How over-sized packets are handled by the router
10. How the router responds to overlapped packets. Normally, overlapped fragments are used in the TEARDROP attack.
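
The ACL, address-spoofing and egress-filtering checks from the list above can be worked through on paper before touching the router. The following is an added example, not part of the original article: it models a first-match ACL with an implicit deny and runs a test matrix against it. The rule sets, the LAN prefix 192.168.10.0/24, the documentation-range addresses and the function names are all constructed for illustration.

```python
import ipaddress

# Constructed ACLs (first match wins, implicit deny at the end).
# Rule format: (action, source prefix, destination prefix, dest port or None).
INBOUND = [   # packets arriving on the Internet-facing interface
    ("deny",   "192.168.10.0/24", "any", None),   # anti-spoofing: LAN source from outside
    ("deny",   "10.0.0.0/8",      "any", None),   # private source from outside
    ("deny",   "127.0.0.0/8",     "any", None),   # loopback source from outside
    ("permit", "any", "192.168.10.5/32", 443),    # published web server (assumed)
]
OUTBOUND = [  # egress filtering: only LAN sources may leave
    ("permit", "192.168.10.0/24", "any", None),
]

def _match(prefix, addr):
    return prefix == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(prefix)

def evaluate(acl, src, dst, dport):
    """Return the action of the first matching rule, or 'deny' (implicit)."""
    for action, src_net, dst_net, port in acl:
        if _match(src_net, src) and _match(dst_net, dst) and port in (None, dport):
            return action
    return "deny"

# Test matrix: (description, acl, src, dst, dport, expected action)
CASES = [
    ("legitimate HTTPS to web server", INBOUND, "203.0.113.7", "192.168.10.5", 443, "permit"),
    ("spoofed LAN source from outside", INBOUND, "192.168.10.20", "192.168.10.5", 443, "deny"),
    ("private source from outside", INBOUND, "10.1.2.3", "192.168.10.5", 443, "deny"),
    ("unpublished service", INBOUND, "203.0.113.7", "192.168.10.5", 22, "deny"),
    ("LAN host going out", OUTBOUND, "192.168.10.20", "198.51.100.9", 80, "permit"),
    ("non-LAN source leaving (egress)", OUTBOUND, "172.16.0.9", "198.51.100.9", 80, "deny"),
]

def audit(cases=CASES):
    """Return descriptions of cases whose result differs from the expectation."""
    return [d for d, acl, s, t, p, want in cases if evaluate(acl, s, t, p) != want]

if __name__ == "__main__":
    for d, acl, s, t, p, want in CASES:
        print(f"{evaluate(acl, s, t, p):6} (expected {want:6}) {d}")
    print("failures:", audit())
```

Because the first matching rule decides, the anti-spoofing denies must sit above the permit for the web server; an ACL that contains only the permit rule accepts the spoofed-source case.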