To scan a host downstream from a security gateway, Firewalking:
A. Sends a UDP-based packet that it knows will be blocked by the firewall to determine how specifically the firewall responds to such packets
B. Uses the TTL function to send packets with a TTL value set to expire one hop past the identified security gateway
C. Sends an ICMP “administratively prohibited” packet to determine if the gateway will drop the packet without comment.
D. Assesses the security rules that relate to the target system before it sends packets to any hops on the route to the gateway
Explanation:
Firewalking uses a traceroute-like IP packet analysis to determine whether or not a particular packet can pass from the attacker’s host to a destination host through a packet-filtering device. This technique can be used to map ‘open’ or ‘pass through’ ports on a gateway. Moreover, it can determine whether packets with various control information can pass through a given gateway.
B