RE: Using Firewall enumeration tools

From: Matt Foster (matt.foster@blade-software.com)
Date: Wed Aug 20 2003 - 10:17:46 EDT


Hi,

Warning - I work for Blade. End of Warning.

You may want to try out Firewall Informer, there is a free eval on our website,
address at the bottom. It operates from a laptop with 2 nic's, one becomes the
"source" the other becomes the "destination". You basically plug the network
leads either side of the device you are testing and configure protocol scans
which are transmitted between the two interfaces. Protocol Scans are able to
replay any point to point network protocol giving you the ability to define
source and destination IP and port information. You can actually use ranges and
random as well for each of the ip fields, i.e.

Source IP- 192.168.1-200.* (a "-" equals range between two points and a "*"
means random"
Source Port - *
Protocol Used - Telnet (again you can use any point to point protocol)
Destination IP - 192.134.100.5
Source Port - 1-2000

As you are "plugged" into each side of the device you have the ability to test
going both ways, so outside in, and inside out. Also just to add both nic's are
able to transmit and communicate without the need for IP.

You can do some other things like determine how long you want the test to run
for if it's a large one. You can also define if you think the test should
succeed or fail. That way you can easily run a test which maps what the firewall
policy should be or run a test which is the inverse to prove that certain
connectivity is blocked.

We also have detailed reporting in the product which goes down to packet level
so you can see at which exact point a device blocks traffic. This is really
useful when testing these new deep packet analysis devices.

Here is the link
www.blade-software.com

Hope this helps and feel free to ping me if you want any further info.

Cheers
Matt

-----Original Message-----
From: MY-Magdelin Tey [mailto:magdelin.tey@my.e-cop.net]
Sent: 19 August 2003 05:09
To: 'pen-test@securityfocus.com'
Subject: Using Firewall enumeration tools

Hi,

i have recently tried the Firewalk 5.0 tool on the checkpoint firewall.
Somehow, there is lack of help in using this tool. the only source of
documents i have is a whitepaper which does not list out how to actually use
this tool.
has anyone been in contact with this tool, or any effective and successful
firewall penentration tesing tools?

rdgs
Crux

---------------------------------------------------------------------------
----------------------------------------------------------------------------

---------------------------------------------------------------------------
----------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:38 EDT