[fw-wiz] Pix device manager communications protocol

From: Rogan Dawes (discard_at_dawes.za.net)
Date: 06/28/04

  • Next message: Adam Humphrey: "[fw-wiz] FreeBSD 4.9 ipfw natd -- Port Forwarding" 
    To: firewall-wizards@honor.icsalabs.com
Date: Mon, 28 Jun 2004 14:52:28 +0200

    Hi folks,

    I'm curious to know whether anyone has tried to observe the
    communications protocol between the browser and firewall when using the
    Pix device manager? I'm guessing it is just a Java applet, accessing an
    HTTPS "web application" running on the Pix.

    I have created a program called webscarab which can intercept HTTPS
    requests, and log whatever is sent between client/browser and
    server/firewall. I would be very interested in seeing a sample of the
    communications, if anyone feels like testing this in their lab.

    Unfortunately, I don't have access to any Pixen, so can't do this myself.

    Interested folks can get WebScarab from
    https://sourceforge.net/project/showfiles.php?group_id=64424&package_id=61823

    It requires a 1.4 or later JRE.

    Just specify a new or otherwise empty directory when it starts up,
    configure your browser to use localhost:8008 as a proxy for SSL
    requests, and then use the PDM as usual. WebScarab should show the
    various requests and responses made during the interaction. Most
    valuable would be logs showing both read access, as well as some changes.

    Enterprising folks might like to play with intercepting requests and
    modifying key values, to test for buffer overflows, etc.

    Then simply zip up the directory, and mail it to me. DON'T use a
    production Pix for this, obviously, and make sure it has no sensitive
    passwords in the configuration!

    Many thanks

    Rogan 

    -- 
Rogan Dawes
*ALL* messages to discard@dawes.za.net will be dropped, and added
to my blacklist. Please respond to "lists AT dawes DOT za DOT net"
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
  • Next message: Adam Humphrey: "[fw-wiz] FreeBSD 4.9 ipfw natd -- Port Forwarding"

    Relevant Pages

    • Re: Kindly help me with this PIX problem
      ... If you have read the configuration that I posted, ... firewall configuration didn't change over many years and it did work ... PIX, our company cannot send or receive email. ... That command allows ssh to the PIX, ...
      (comp.dcom.sys.cisco)
    • Re: Firewall for laptops, corporation with 1,000 laptops
      ... I disagree completely that all you need is a PIX to protect your network, ... PIX does nothing to protect you from VPN ... alerting, which are essential to a firewall solution, are lacking.] ... the PIX firewall does nothing to protect a roaming laptop from ...
      (microsoft.public.security)
    • Re: Cisco PIX fixup protocol command
      ... The PIX is a stateful firewall and maintains state on ... The reason why a security evaluation might result in a recommendation to ... is no need to have the SMTP fixup enabled. ...
      (Security-Basics)
    • RE: Hardware Firewall vs Software Firewall
      ... Hardware Firewall vs Software Firewall ... will drive the price to the point where the PIX is more cost effective. ... on a router ACL unless you're using the CSPM, ...
      (Security-Basics)
    • RE: [fw-wiz] Skip the PDM
      ... PIX and CheckPoint and the PIX 501 is a real contender as a firewall to ... So to "speed things up" I tried using the PDM. ... DHCP pool starts at .2. ...
      (Firewall-Wizards)