Re: Using Firewall enumeration tools

• Previous message: Anders Thulin: "Re: Pen Test mistake"
• Maybe in reply to: MY-Magdelin Tey: "Using Firewall enumeration tools"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 22 Aug 2003 09:35:13 -0000
To: pen-test@securityfocus.com

Hi,

Firewalk is a good tool to learn, it sending out TCP or UDP packets with a
TTL value. But in the real world "ICMP_TIME_EXCEEDED " is rarely allowed
hence your Firewalking technique will not help a lot.
Try to build your own testing methodology based on the kind of traffic,
hosts, protocols, routers, ids, firewalls...and off course the breaker or
the sysadmin point of view.
Tools like nmap and hping are very usefull, cross checking with tcpdump
and or snort should help to see what's going on.

Abdelbaset.

>
>Hi,
>
>i have recently tried the Firewalk 5.0 tool on the checkpoint firewall.
>Somehow, there is lack of help in using this tool. the only source of
>documents i have is a whitepaper which does not list out how to actually
use
>this tool.
>has anyone been in contact with this tool, or any effective and successful
>firewall penentration tesing tools?
>
>rdgs
>Crux
>

---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world<92>s premier
technical IT security event. Modeled after the famous Black Hat event in
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
Symanetc is the Diamond sponsor. Early-bird registration ends September 6 Visit: www.blackhat.com
----------------------------------------------------------------------------

• Previous message: Anders Thulin: "Re: Pen Test mistake"
• Maybe in reply to: MY-Magdelin Tey: "Using Firewall enumeration tools"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]