Whoops, you are right. My bad. But nevertheless it does retrieve all ips and version information on the checkpoint box. > -----Original Message----- > From: Tyler Shields [mailto:tshieldsat_private] > Sent: Monday, May 14, 2001 2:28 PM > To: 'Ansar Mohammed'; 'Penetration Testers' > Subject: RE: [PEN-TEST] Detecting the presence of a firewall > > > What you are speaking of is the following: > > http://www.dataprotect.com/bh2000/ > > Not released by blackhat but work done by the Dug Song, > Thomas Lopatic, and John McDonald released AT blackhat 2000. > > --Tyler > > -----Original Message----- > From: Ansar Mohammed [mailto:amohammed@carib-link.net] > Sent: Monday, May 14, 2001 8:41 AM > To: 'Penetration Testers' > Subject: RE: [PEN-TEST] Detecting the presence of a firewall > > > Yes there is a way. > > A while ago blackhat released an exploit for checkpoint fw-1. > > A side effect of the exploit, regardless of wether it works > or not is that it displays all ip interfaces of the firewall. > However, the firewall rules must allow you to access the > management ports. > > > The exploit runs on Linux or OpenBSD. You can find it at www.blackhat.com > -----Original Message----- > From: Penetration Testers [mailto:PEN-TESTat_private] > On Behalf Of priya subramanian > Sent: Monday, May 07, 2001 5:11 AM > To: PEN-TESTat_private > Subject: [PEN-TEST] Detecting the presence of a firewall > > > Pl clarify the following > > 1. Are there any means of detecting the presence of a > checkpoint firewall at a company's premises, from a remote location. > > 2.Knowing one interface of the firewall machine, is it possible for me > to find the ip addresses of the other interfaces. > > Kindly reply at the earliest. > > Priya > > > > > > > ____________________________________________________________ > Do You Yahoo!? > For regular News updates go to http://in.news.yahoo.com >
This archive was generated by hypermail 2b30 : Mon May 14 2001 - 15:18:40 PDT