Firewall assessment

From: Sasa Jusic (sjusic_at_pamela.zesoi.fer.hr)
Date: 08/25/03

    To: "'pen-test@securityfocus.com'" <pen-test@securityfocus.com>
    Date: Mon, 25 Aug 2003 16:18:09 +0200
    
    

    Hi everyone,

     
    This interesting discussion about firewall enumeration tools made me ask
    one closely related question.

    I would like to know what the usual steps are when doing a pen test on the
    firewall.

    Besides looking for potential vulnerabilities in the actual firewall device
    (by running some of the vulnerability scanning tools like Nessus, ISS,
    Retina etc), I am also interested in other automated or manual tests which
    could be useful for finding other potential security weaknesses
    (configuration errors, VPN services etc.).

    I know that this is a very general question, and that it depends on the
    situation and environment where the tests are made, but I would like to hear
    some general ideas and techniques from people with experience in this area.

     
    Thanks,

    Sasa Jusic
    e-mail:sasa.jusic@zesoi.fer.hr
