For Checkpoint, use nmap and do a TCP and OS detection scan. If they are doing one-to-many NAT the machines will be detected as "behind a Checkpoint Firewall-1 4.1 SP2 Server" or whatever. The firewall itself is likely to have some combination of TCP ports 256-259, 264-265 open for management, auth, key exchange, etc. >-----Original Message----- >From: priya subramanian [mailto:pentestingat_private] >Sent: Monday, May 07, 2001 5:11 AM >To: PEN-TESTat_private >Subject: [PEN-TEST] Detecting the presence of a firewall > > >Pl clarify the following > >1. Are there any means of detecting the presence of a >checkpoint firewall at a company's premises, from a >remote location. > >2.Knowing one interface of the firewall machine, is it >possible for me to find the ip addresses of the other >interfaces. > >Kindly reply at the earliest. > >Priya > >Free, encrypted, secure Web-based email at www.hushmail.com > Free, encrypted, secure Web-based email at www.hushmail.com IMPORTANT NOTICE: If you are not using HushMail, this message could have been read easily by the many people who have access to your open personal email messages. Get your FREE, totally secure email address at http://www.hushmail.com.
This archive was generated by hypermail 2b30 : Mon May 14 2001 - 15:25:33 PDT