Read this: http://www.dataprotect.com/bh2000/ This is a very VERY thorough ripping up of FW-1 by Thomas Lopatic, John McDonald, and Dug Song. Depending on the version of the firewall that is bring run it should be possible get the IP address of the management station from an inspection module. From there you should be able to glean the ip addresses of authorized GUI modules from poking at the management station itself. I am not saying this is TRIVIAL, but according to the research and presentation by this team it is VERY doable. --The Crocodile --(CCSA, CCSE Just for sh*ts and grins :P) ----- Original Message ----- From: "Carmelo Floridia" <carmelo.floridiaat_private> To: <pen-testat_private> Sent: Tuesday, September 11, 2001 1:58 AM Subject: How to discover FW-1 management module or GUI? > How can i discover in a LAN the management module or the PC that run FW-1 > GUI? > best regards > Carmelo > > > -------------------------------------------------------------------------- -- > This list is provided by the SecurityFocus Security Intelligence Alert (SIA) > Service. For more information on SecurityFocus' SIA service which > automatically alerts you to the latest security vulnerabilities please see: > https://alerts.securityfocus.com/ > > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Sun Sep 16 2001 - 23:06:26 PDT