Re: SV: Security test of firewall dose not show UDP port 500 is open

Which scan option are you using with Nessus 3.0?
Which have you used with 2.0?
If you use and have used nmap, which version?

Regards

Martin Thor-Kristiansen wrote:
This lead me back to the following question:
Why dose Nessus 2.x find the open port and Nessus 3.0 don't?

Best regards
Martin Thor-Kristiansen
Cisco CCSP, Microsoft MCSE
Chefkonsulent
----------------------------------
MRC Computer A/S
Thistedvej 66
9400 Nørresundby

Mobil: +45 23 21 62 66
Tlf.: +45 96 32 45 00
Fax: +45 96 32 45 01
Direkte: +45 96 32 45 04
www.mrc.dk
-----------------------------------


-----Oprindelig meddelelse-----
Fra: Daniel Lucq [mailto:daniel@xxxxxxxxx] Sendt: 28. marts 2006 11:11
Til: pen-test@xxxxxxxxxxxxxxxxx
Cc: Martin Thor-Kristiansen
Emne: Re: Security test of firewall dose not show UDP port 500 is open

Well, could be that the IKE service (if it is enabled) only responds to IKE handshake requests containing a supported IKE transform (or vendor ID, authentication type, etc.).

I would suggest using ike-scan to poke a bit at the target with different transforms etc.


Regards,
Daniel

mtk@xxxxxx wrote:
Hi all,

We have been using Nessus for security scanning the Cisco Pix firewalls we install for our custemers. I have one "old" repport showing ISAKMP UDM port 500 is open. The firewall isn't updated but now the port has disapeard fro the new rapport?
We have asked Cisco if the securiyt scanner is supposed to find UDP port 500 (I don't think so) and a CCIE from Cisco have told us "no the port is hidden."

I wonder how the port can be in the old repport?

If any one has any input please let me know.

Best regards,

MTK

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request@xxxxxxxxxx
------------------------------------------------------------------------------


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request@xxxxxxxxxx
------------------------------------------------------------------------------


--

Davide Carnevali
CTO
Protechta - Information Security
OPST, CCSP
Tel. +39 0521 2021
Fax. +39 0521 207461
http://www.protechta.it/
e-mail: davide@xxxxxxxxxxxx
Disclaimer: http://www.protechta.it/disclaimer

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request@xxxxxxxxxx
------------------------------------------------------------------------------

Relevant Pages

  • RE: Covert Microphone Application
    ... Next you are stating that as a trusted sys admin you can break an organisations security. ... managed service or an enterprise software ... As attacks through web applications continue to ... Download FREE whitepaper on how a managed service ...
    (Pen-Test)
  • Re: pentesting and macbook pro
    ... > Concerned about Web Application Security? ... > managed service or an enterprise software ... As attacks through web applications continue to ... Download FREE whitepaper on how a managed service can ...
    (Pen-Test)
  • RE: Hidden Copying Software
    ... Concerned about Web Application Security? ... Download FREE whitepaper on how a managed service ... As attacks through web applications continue to rise, ... Download FREE whitepaper on how a managed service can ...
    (Pen-Test)
  • RE: pentesting and macbook pro
    ... > Concerned about Web Application Security? ... > managed service or an enterprise software ... As attacks through web applications continue to ... Download FREE whitepaper on how a managed service can ...
    (Pen-Test)
  • Re: Pen-Test as a favor
    ... > Network Security archive which has some great guidelines: ... As attacks through web applications continue to rise, ... Download FREE whitepaper on how a managed service can ...
    (Pen-Test)