[fw-wiz] Pix device manager communications protocol

• Previous message: Melson, Paul: "RE: [fw-wiz] LAN-LAN VPN using PIXes and a dialup connection"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: firewall-wizards@honor.icsalabs.com
Date: Mon, 28 Jun 2004 14:52:28 +0200

Hi folks,

I'm curious to know whether anyone has tried to observe the
communications protocol between the browser and firewall when using the
Pix device manager? I'm guessing it is just a Java applet, accessing an
HTTPS "web application" running on the Pix.

I have created a program called webscarab which can intercept HTTPS
requests, and log whatever is sent between client/browser and
server/firewall. I would be very interested in seeing a sample of the
communications, if anyone feels like testing this in their lab.

Unfortunately, I don't have access to any Pixen, so can't do this myself.

Interested folks can get WebScarab from
https://sourceforge.net/project/showfiles.php?group_id=64424&package_id=61823

It requires a 1.4 or later JRE.

Just specify a new or otherwise empty directory when it starts up,
configure your browser to use localhost:8008 as a proxy for SSL
requests, and then use the PDM as usual. WebScarab should show the
various requests and responses made during the interaction. Most
valuable would be logs showing both read access, as well as some changes.

Enterprising folks might like to play with intercepting requests and
modifying key values, to test for buffer overflows, etc.

Then simply zip up the directory, and mail it to me. DON'T use a
production Pix for this, obviously, and make sure it has no sensitive
passwords in the configuration!

Many thanks

Rogan

-- 
Rogan Dawes
*ALL* messages to discard@dawes.za.net will be dropped, and added
to my blacklist. Please respond to "lists AT dawes DOT za DOT net"
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Previous message: Melson, Paul: "RE: [fw-wiz] LAN-LAN VPN using PIXes and a dialup connection"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Kindly help me with this PIX problem ... If you have read the configuration that I posted, ... firewall configuration didn't change over many years and it did work ... PIX, our company cannot send or receive email. ... That command allows ssh to the PIX, ... (comp.dcom.sys.cisco) Re: Firewall for laptops, corporation with 1,000 laptops ... I disagree completely that all you need is a PIX to protect your network, ... PIX does nothing to protect you from VPN ... alerting, which are essential to a firewall solution, are lacking.] ... the PIX firewall does nothing to protect a roaming laptop from ... (microsoft.public.security) Re: Cisco PIX fixup protocol command ... The PIX is a stateful firewall and maintains state on ... The reason why a security evaluation might result in a recommendation to ... is no need to have the SMTP fixup enabled. ... (Security-Basics) RE: Hardware Firewall vs Software Firewall ... Hardware Firewall vs Software Firewall ... will drive the price to the point where the PIX is more cost effective. ... on a router ACL unless you're using the CSPM, ... (Security-Basics) RE: [fw-wiz] Skip the PDM ... PIX and CheckPoint and the PIX 501 is a real contender as a firewall to ... So to "speed things up" I tried using the PDM. ... DHCP pool starts at .2. ... (Firewall-Wizards)