From: Alvin Oga (alvin.sec@Mail.Linux-Consulting.com)
Date: Mon Aug 25 2003 - 11:55:11 EDT
hi ya
On Mon, 25 Aug 2003, Sasa Jusic wrote:
> Hi everyone,
>
>
> This interesting discussion about firewall enumeration tools made me ask
> one closely related question.
>
> I would like to know what are the usual steps when doing a pen test on the
> firewall?
http://www.Linux-Sec.net/Firewall/Testing/
- lots of to dos .. and mostly management, security policy and
enforcement
> Besides looking for potential vulnerabilities in the actual firewall device
> (by running some of the vulnerability scanning tools like Nessus, ISS,
> Retina etc),
after finding open ports .. find any new patches for the apps running
on those ports
> I am also interested in other automated or manual tests which
> could be useful for finding other potential security weaknesses
> (configuration errors, VPN services etc.).
for the above ..
- use of same loginID for various services
( email, ssh, vpn, ppp, ... )
- use of bad ( easily guessed ) passwds
run your favorite passwd crackers
http://www.Linux-Sec.net/Audit/Tools.pwd/
c ya
alvin
> I know that this is very general question, and that it depends on the
> situation and environment where the tests are made, but I would like to hear
> some general ideas and techniques from people with experience in this area.
>
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:38 EDT