RE: How to discover FW-1 management module or GUI?

From: DABDELMO@bouyguestelecom.fr
Date: 09/13/01


Message-Id: <776BD5C0BA88D4118ABD0008C79F307701693C26@bt1sqteb.bpa.bouyguestelecom.fr>
From: DABDELMO@bouyguestelecom.fr
To: carmelo.floridia@keyconsultants.it, pen-test@securityfocus.com
Subject: RE: How to discover FW-1 management module or GUI?
Date: Thu, 13 Sep 2001 11:59:07 +0200

If I am not mistaken, you have port 257 opened on management console. So you
can scan the network for this port. Though if this is a standalone version
(management console+firewall module), there are strong chances that you
won't be able to scan the network, since there should be rules preventing
you to do such. If it is installed on another machine, and if there is no
soft to filter access to port 257, then this should show the presence of the
firewall module. For the GUI, I don't know how you can see that, but I think
it is really harder, since this is just a client and you have no port
listening. If it is possible in your network architecture to sniff the lan
where is the management console, and then check what connections are done to
the management console. You should find the firewall modules, and the gui.

David

> -----Message d'origine-----
> De: Carmelo Floridia [SMTP:carmelo.floridia@keyconsultants.it]
> Date: mardi 11 septembre 2001 10:58
> : pen-test@securityfocus.com
> Objet: How to discover FW-1 management module or GUI?
>
> How can i discover in a LAN the management module or the PC that run FW-1
> GUI?
> best regards
> Carmelo
>
>
> --------------------------------------------------------------------------
> --
> This list is provided by the SecurityFocus Security Intelligence Alert
> (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please
> see:
> https://alerts.securityfocus.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/



Relevant Pages

  • Re: FW: baby pen-test question
    ... I ALWAYS do an nmap sweep of varying degrees. ... As for testing a large network, I primarily base my efforts on the mission ... My first question is about port scanning. ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • Re: Identify OS?
    ... The first thing that struck me was port 6112/dtspc. ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • Re: Raptor Firewall 6.5 Config
    ... Raptor as a firewall also has another side feature that can confuse ... This is the whole keep a port open PNAT idea. ... Once raptor has a standard proxy or GSP enabled, it 'opens' that ... >>This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • RE: Digital UNIX 5.60 recourses
    ... Find out what is running on what port (use of netcat, nmap, ... >> Subject: Digital UNIX 5.60 recourses ... >This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • RE: Serial Connection Password Cracker.
    ... This is a tcp socket server that redirects all I/O to a serial port. ... > Subject: Re: Serial Connection Password Cracker. ... >> This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)