From: John Lampe (jwlampe@tenablesecurity.com)
Date: Tue Jun 12 2007 - 12:06:27 EDT
TStark wrote:
> Hello,
>
> I am planning on pen testing a Tippingpoint appliance, I think it's a
> 200e, I'm looking for some suggestions on what to use to pen test this
> thing.
> I haven't found a Nessus plug in to help test this appliance, I'd bet
> there is one out there somewhere.
>
> Any information to help me test/penetrate Tippingpoint would be very
> helpful, I'd like to make sure we test this thing well before we shell
> out that kind of dough.
>
I think you'll want to look at traffic processed at the device, but not
destined for the device. Look at stuff like:
stream reassembly
fragmentation
encoding/decoding
compression
Look at the protocols that it supports and then think about ways it
would be really, really easy to mishandle those protocols. Nessus is a
great tool, but I think you would be better off using Nessus with
dangerous checks and scanning a machine that is *protected* by the
Tippingpoint device. I'd recommend the same with a protocol fuzzer.
just my .02. have fun.
--
John Lampe
Senior Security Researcher
TENABLE Network Security, Inc.
jwlampe@{nessus.org,tenablesecurity.com}
Tele: (410) 872-0555
www.tenablesecurity.com
Is your network TENABLE?
---------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:52 EDT