RE: How to discover FW-1 management module or GUI?

From: DABDELMO@bouyguestelecom.fr
Date: 09/13/01


Message-Id: <776BD5C0BA88D4118ABD0008C79F307701693C26@bt1sqteb.bpa.bouyguestelecom.fr>
From: DABDELMO@bouyguestelecom.fr
To: carmelo.floridia@keyconsultants.it, pen-test@securityfocus.com
Subject: RE: How to discover FW-1 management module or GUI?
Date: Thu, 13 Sep 2001 11:59:07 +0200

If I am not mistaken, you have port 257 opened on management console. So you
can scan the network for this port. Though if this is a standalone version
(management console+firewall module), there are strong chances that you
won't be able to scan the network, since there should be rules preventing
you to do such. If it is installed on another machine, and if there is no
soft to filter access to port 257, then this should show the presence of the
firewall module. For the GUI, I don't know how you can see that, but I think
it is really harder, since this is just a client and you have no port
listening. If it is possible in your network architecture to sniff the lan
where is the management console, and then check what connections are done to
the management console. You should find the firewall modules, and the gui.

David

> -----Message d'origine-----
> De: Carmelo Floridia [SMTP:carmelo.floridia@keyconsultants.it]
> Date: mardi 11 septembre 2001 10:58
> : pen-test@securityfocus.com
> Objet: How to discover FW-1 management module or GUI?
>
> How can i discover in a LAN the management module or the PC that run FW-1
> GUI?
> best regards
> Carmelo
>
>
> --------------------------------------------------------------------------
> --
> This list is provided by the SecurityFocus Security Intelligence Alert
> (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please
> see:
> https://alerts.securityfocus.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/