Re: Firewall assessment
From: Alvin Oga (alvin.sec_at_Mail.Linux-Consulting.com)
Date: 08/25/03
- Previous message: Sasa Jusic: "Firewall assessment"
- In reply to: Sasa Jusic: "Firewall assessment"
- Next in thread: Jorge Lozano: "Re: Firewall assessment"
Date: Mon, 25 Aug 2003 08:55:11 -0700 (PDT)
To: Sasa Jusic <sjusic@pamela.zesoi.fer.hr>
hi ya
On Mon, 25 Aug 2003, Sasa Jusic wrote:
> Hi everyone,
>
>
> This interesting discussion about firewall enumeration tools, made me ask
> one closely related question.
>
> I would like to know what are the usual steps when doing a pen test on the
> firewall?
http://www.Linux-Sec.net/Firewall/Testing/
- lots of to dos .. and mostly management, security policy and
enforcement
> Besides looking for potential vulnerabilities in the actual firewall device
> (by running some of the vulnerability scanning tools like Nessus, ISS,
> Retina etc),
after finding open ports .. find any new patches for the apps running
on those ports
> I am also interested in other automated or manual tests which
> could be useful for finding other potential security weaknesses
> (configuration errors, VPN services etc.).
for the above ..
- use of same loginID for various services
( email, ssh, vpn, ppp, ... )
- use of bad ( easily guessed ) passwds
run your favorite passwd crackers
http://www.Linux-Sec.net/Audit/Tools.pwd/
c ya
alvin
> I know that this is very general question, and that it depends on the
> situation and environment where the tests are made, but I would like to hear
> some general ideas and techniques from people with experience in this area.
>