RE: PacketShaper

From: GRUPOHEMAC.- juan davila (jdavila_at_grupohemac.com.mx)
Date: 05/04/04

  • Next message: Steve Goldsby (ICS): "RE: PacketShaper"
    To: "Brewis,Mark" <mark.brewis@eds.com>, "'Filipe A.'" <incognito@patria.ath.cx>, pen-test@securityfocus.com
    Date: Tue, 4 May 2004 08:26:35 -0600
    
    

    Upgrade the software to version 6 and configure only access on interfaces
    inbound for management .

    Hemac Teleinformatica
    Ing. Juan Carlos Davila Ortiz
    Ingenieria
    Chapultepec # 710 Col. Moderna
    3616-3824 Guadalajara, Jal.
    jdavila@grupohemac.com.mx

    ---------- Original Message -----------
    From: "Brewis, Mark" <mark.brewis@eds.com>
    To: "'Filipe A.'" <incognito@patria.ath.cx>, pen-test@securityfocus.com
    Sent: Mon, 3 May 2004 20:56:11 +0100
    Subject: RE: PacketShaper

    > Filipe,
    >
    > I had a look at one of these about three years ago; I sent out a similar
    > request and didn't get anything back. I didn't find anything in its
    > deployed state, although you appear to have more ports available
    > than I remember seeing. What is it using echo for?
    >
    > Obviously, a lot of things have moved on in that time with regard to
    > application testing. Can you get anything out of the webserver at
    > all? Is it an apache, tomcat or lynx derivative, or is it
    > proprietary? If you haven't already, try using attacks against
    > those as a starting place if it is proprietary, and then fuzz on
    > those. It may be one of those things that you feel ought to break,
    > but never does.
    >
    > No idea about the algorithm, I'm afraid.
    >
    > Good luck,
    >
    > Mark
    >
    > Mark Brewis
    >
    > Security Consultant
    > EDS
    > UK Information Assurance Group
    > Wavendon Tower
    > Milton Keynes
    > Buckinghamshire
    > MK17 8LX.
    >
    > Tel: +44 (0)1908 28 4013
    > Mbl: +44 (0)7989 291 648
    > Fax: +44 (0)1908 28 4393
    > E@: mark.brewis@eds.com
    >
    > This email is confidential and intended solely for the use of the
    > individual(s) to whom it is addressed. Any views or opinions
    > presented are solely those of the author. If you are not the
    > intended recipient, be advised that you have received this email in
    > error and that any use, dissemination, forwarding, printing, or
    > copying of this mail is strictly prohibited.
    >
    > Precautions have been taken to minimise the risk of transmitting software
    > viruses, but you must carry out your own virus checks on any
    > attachment to this message. No liability can be accepted for any
    > loss or damage caused by software viruses.
    >
    >
    > >>-----Original Message-----
    > >>From: Filipe A. [mailto:incognito@patria.ath.cx]
    > >>Sent: 28 April 2004 10:48
    > >>To: pen-test@securityfocus.com
    > >>Subject: PacketShaper
    > >>
    > >>
    > >>
    > >> Hello. I'm in the middle of a pentest. On my client's network sits
    > >>a PacketShaper (v5.3.0) from Packeteer [1]. This seems to be a
    > >>commom device for traffic shaping yet I can't find any published
    > >>vulnerabilities for it. Open ports are 7, 21, 23 and 80. Both web and
    > >>telnet interfaces require only a password for authentication, no
    > >>username needed. Default pwds were no good. I can code a brute
    > >>forcer but was wondering if anyone here has audited one of these boxes
    > >>and can share some info.
    > >>SNMP read community is also available but I don't find any sensitive
    > >>information there, apart from traffic statistics. One last
    > >>fact, I found
    > >>this quote in Packeteer's site regarding password recovery:
    > >>"[...] contact Customer Support. After you provide them with
    > >>your serial
    > >>number, they will generate a default password you can use to
    > >>access your
    > >>unit via the command-line or browser interface." If I understand
    > >>correctly there's an algorithm somewhere that will generate a default
    > >>pwd for each box according to it's serial number. Any ideas? (social
    > >>engeneering is out of scope for this audit)
    > >>
    > >>Thanks in advance.
    > >>
    > >>
    > >>[1]
    > >>http://www.packeteer.com/prod-sol/products/packetshaper_topologies.cfm
    > >>
    > >>
    > >>
    > >>
    > >>--------------------------------------------------------------
    > >>----------------
    > >>Ethical Hacking at the InfoSec Institute. Mention this ad and
    > >>get $545 off
    > >>any course! All of our class sizes are guaranteed to be 10
    > >>students or less
    > >>to facilitate one-on-one interaction with one of our expert
    > >>instructors.
    > >>Attend a course taught by an expert instructor with years of
    > >>in-the-field
    > >>pen testing experience in our state of the art hacking lab.
    > >>Master the skills
    > >>of an Ethical Hacker to better assess the security of your
    > >>organization.
    > >>Visit us at:
    > >>http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    > >>--------------------------------------------------------------
    > >>-----------------
    > >>
    >
    > ---------------------------------------------------------------------------

    ---
    > Ethical Hacking at the InfoSec Institute. Mention this ad and get 
    > $545 off any course! All of our class sizes are guaranteed to be 10 
    > students or less to facilitate one-on-one interaction with one of 
    > our expert instructors. Attend a course taught by an expert 
    > instructor with years of in-the-field pen testing experience in our 
    > state of the art hacking lab. Master the skills of an Ethical Hacker 
    > to better assess the security of your organization. Visit us at: 
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    > ---------------------------------------------------------------------------
    ----
    ------- End of Original Message -------
    ------------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
    any course! All of our class sizes are guaranteed to be 10 students or less
    to facilitate one-on-one interaction with one of our expert instructors.
    Attend a course taught by an expert instructor with years of in-the-field
    pen testing experience in our state of the art hacking lab. Master the skills
    of an Ethical Hacker to better assess the security of your organization.
    Visit us at:
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    -------------------------------------------------------------------------------
    

  • Next message: Steve Goldsby (ICS): "RE: PacketShaper"

    Relevant Pages

    • RE: Cisco CSA
      ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of ... pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • RE: Any reason not to use strcpy, strcat or scanf?
      ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ... pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • RE: New Trojan?
      ... > Ethical Hacking at the InfoSec Institute. ... Attend a course taught by an expert instructor with years of ... pen testing experience in our state of the art hacking lab. ... to facilitate one-on-one interaction with one of our expert instructors. ...
      (Security-Basics)
    • RE: Wireless access
      ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... pen testing experience in our state of the art hacking lab. ... Attend a course taught by an expert instructor with years of in-the-field ...
      (Security-Basics)
    • Re: antivirus for linux
      ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ... pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)