Re: Raptor firewall 6.1 port 80

From: Kroma Pierre (kroma_at_syss.de)
Date: 07/12/04

  • Next message: Rainer Duffner: "Re: Why eEye Retina (was MBSA scanner)"
    Date: Mon, 12 Jul 2004 12:51:07 +0200
    To: pen-test@securityfocus.com
    
    

    that's is a problem of brutus. I know the problem! you can attack for example a pop3 or telnet account and you will see, brutus also will said, he found for example a password "aaa" or s.th. else! But if you want to verify it, you will see the passwords are wrong!

    use another password cracker! brutus is not reliable enough! (try for example "hydra" from www.thc.org).

    hope to help you.

    pierre

    On Thu, 1 Jul 2004 12:04:04 -0400 (EDT)
    Martin S <shurbanm@vuser.vu.union.edu> wrote:

    > I am testing a couple of Raptor firewalls (6.1 apparently). And I ran
    > Brutus on port 80 just to see what's going to happen using Forms
    > authentication. It does pick up 2 successful authentications using (admin
    > and backup as logins). However, this cannot be right as first of all it
    > picks up different passwords (like aaa or academia on different runs) and
    > secondly a web browser session on port 80 comes back with:
    > "
    > Service Unavailable
    > The proxy is currently unable to handle the request due to a (possibly)
    > temporary error. Extended error information is:
    >
    > If this situation persists, please contact your firewall administrator. "
    >
    > Any ideas?
    >


  • Next message: Rainer Duffner: "Re: Why eEye Retina (was MBSA scanner)"