walter valenti wrote: > I'm doing a pen test on a network via VPN with CheckPoint SecureClient. > > I can't use a Linux box, why the customer not provides us the client for > linux but only for win98,NT,2000. Sadly, there is no native SecureClient product for Linux yet. FreeS/WAN <http://www.freeswan.org/> gives IPSec capabilities to Linux but will require configuration on the firewall side as a VPN site. Your customer may not be prepared to do this. > I use 2000, why using NT the nmap(nt) don't work on a VPN. > > => I'v got two problem: find a good and efficient tool for 2000 like > NESSUS; > built the raw socket on 2000 (the Net::RawIP of Perl is only for *nix), > there is some library in C? I would use <http://www.phoneboy.com/faq/0244.html> as a starting point and use my usual collection of *nix tools. You'll need to make sure the customer isn't using the firewall component of SecureClient to enforce a security policy on the *client* machines *as well* as the firewall (as per <http://www.phoneboy.com/faq/0390.html>). Best Regards, Alex. -- Alex Butcher PGP/GnuPG Key IDs: Consultant, S3 Systems Security Services alex@s3 B7709088 PGP: http://www.s3.integralis.co.uk/pgp/alex.pgp alex.butcher@ 885BA6CE -------------------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Fri Jul 06 2001 - 08:22:57 PDT