When performing segmentation tests for PCI compliance, there are a few things aside from my Nmap scans that I've wanted to keep jotted down. This section contains my notes.
Below are some basic commands to use while performing segmentation testing. Note that these should be modified to be more thorough (for example, scanning all UDP ports rather than only the top 1000, or adding version detection).
```
nmap -sn $subnet -oA ICMP_Check
nmap -sS -Pn -p- $subnet -oA TCP_Scan
nmap -sU -Pn --top-ports 1000 $subnet -oA UDP_Scan
nmap -6 $ipv6address -oA IPv6_Scan
```
The following table is an example of how to report the results of a segmentation test:
IP Address | Port | Protocol | Service |
---|---|---|---|
10.1.1.1 | 53 | tcp | DNS |
10.2.2.2 | 80 | tcp | HTTP |
10.3.3.3 | 445 | tcp | SMB |
- When performing a segmentation test against FortiGate devices, port 113/TCP may appear against every host as `closed`. This is not a firewall misconfiguration. This documentation details more on this issue.
- When a port appears as `open|filtered` after performing a UDP scan, try running the following to verify if it is open:

```
nmap -sUC -p $port $ipaddress
```
{% hint style="warning" %} Segmentation tests should note all open ports regardless of the business use case. If a business needs a port open, justification should be provided in the report. {% endhint %}
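To turn the `-oA` XML output of the scans above into the reporting table and to collect the UDP `open|filtered` ports that still need the `-sUC` verification, here is an added example (not from the original notes) that parses a constructed nmap XML sample; the sample hosts and the `verify` command list are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the shape of nmap's -oX/-oA XML output (not a real scan).
SAMPLE_NMAP_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap">
  <host><status state="up"/>
    <address addr="10.1.1.1" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="53"><state state="open"/><service name="domain"/></port>
      <port protocol="tcp" portid="113"><state state="closed"/><service name="ident"/></port>
    </ports>
  </host>
  <host><status state="up"/>
    <address addr="10.2.2.2" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
      <port protocol="udp" portid="161"><state state="open|filtered"/><service name="snmp"/></port>
    </ports>
  </host>
</nmaprun>
"""


def parse_nmap_xml(xml_text):
    """Return (rows, verify): rows are (ip, port, proto, service) for every open
    port (all open ports are reported, per the hint above); verify lists the
    follow-up -sUC commands for UDP ports that came back open|filtered.
    Ports in any other state (e.g. the FortiGate 113/tcp 'closed') are ignored."""
    rows, verify = [], []
    for host in ET.fromstring(xml_text).findall("host"):
        addr = next((a.get("addr") for a in host.findall("address")
                     if a.get("addrtype") in ("ipv4", "ipv6")), None)
        if addr is None:
            continue
        for port in host.findall("ports/port"):
            state = port.find("state").get("state")
            proto, portid = port.get("protocol"), int(port.get("portid"))
            svc = port.find("service")
            name = svc.get("name") if svc is not None else "unknown"
            if state == "open":
                rows.append((addr, portid, proto, name))
            elif state == "open|filtered" and proto == "udp":
                verify.append(f"nmap -sUC -p {portid} {addr}")
    return rows, verify


def to_markdown_table(rows):
    """Render rows in the report table layout used above."""
    lines = ["IP Address | Port | Protocol | Service", "---|---|---|---"]
    lines += [f"{ip} | {port} | {proto} | {svc}" for ip, port, proto, svc in rows]
    return "\n".join(lines)
```

Run it against your own `TCP_Scan.xml` / `UDP_Scan.xml` by reading the file contents into `parse_nmap_xml`.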