User, Password and Domain for ISA Server

From: Kamal Parmar (kamal.parmar@ke.ey.com)
Date: Sat Dec 20 2003 - 07:58:29 EST


Hi,

I am wondering whether anyone has been in these shoes before.

I am working on a pen-test where I need to penetrate a machine which I
believe is a Windows machine running Internet Security and Acceleration
Server (ISA). I suspect it allows inbound connections to an internal LAN
through a browser.....

.... if only I can provide an appropriate user name, password and domain.
Obviously I do not have any of these.

I have drilled through dozens of sites on MS ISA server but all I get is
admiration for this 'firewall' (!) and its feature rich capabilities
(gggrttr...!)

Can anyone help?

Kamal Parmar
Senior Business Analyst
Technology and Security Risk Services (TSRS)
Ernst & Young
NAIROBI
webmail: kamal.parmar@accamail.com
         ----------------------------------------------------------
The information contained in this communication is intended solely for the
         use of the individual or entity to whom it is addressed and others
         authorized to receive it. It may contain confidential or legally
         privileged information. If you are not the intended recipient
         you are hereby notified that any disclosure, copying, distribution
         or taking any action in reliance on the contents of this
         information is strictly prohibited and may be unlawful. If you
         have received this communication in error, please notify us
         immediately by responding to this email and then delete it from
         your system. Ernst & Young is neither liable for the proper and
         complete transmission of the information contained in this
         communication nor for any delay in its receipt.

Note: If you have received a delivery failure report, it may be due to the
         change in the Ernst & Young e-mail domain from "eyi.com" to
         "ey.com". Could you please make the necessary amendment, if
         required, and resend the message.

---------------------------------------------------------------------------
----------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:44 EDT