Hi, Warning - I work for Blade. End of Warning. You may want to try out Firewall Informer, there is a free eval on our website, address at the bottom. It operates from a laptop with 2 nic's, one becomes the "source" the other becomes the "destination". You basically plug the network leads either side of the device you are testing and configure protocol scans which are transmitted between the two interfaces. Protocol Scans are able to replay any point to point network protocol giving you the ability to define source and destination IP and port information. You can actually use ranges and random as well for each of the ip fields, i.e. Source IP- 192.168.1-200.* (a "-" equals range between two points and a "*" means random" Source Port - * Protocol Used - Telnet (again you can use any point to point protocol) Destination IP - 192.134.100.5 Source Port - 1-2000 As you are "plugged" into each side of the device you have the ability to test going both ways, so outside in, and inside out. Also just to add both nic's are able to transmit and communicate without the need for IP. You can do some other things like determine how long you want the test to run for if it's a large one. You can also define if you think the test should succeed or fail. That way you can easily run a test which maps what the firewall policy should be or run a test which is the inverse to prove that certain connectivity is blocked. We also have detailed reporting in the product which goes down to packet level so you can see at which exact point a device blocks traffic. This is really useful when testing these new deep packet analysis devices. Here is the link www.blade-software.com Hope this helps and feel free to ping me if you want any further info. Cheers Matt -----Original Message----- From: MY-Magdelin Tey [mailto:magdelin.teyat_private-cop.net] Sent: 19 August 2003 05:09 To: 'pen-testat_private' Subject: Using Firewall enumeration tools Hi, i have recently tried the Firewalk 5.0 tool on the checkpoint firewall. Somehow, there is lack of help in using this tool. the only source of documents i have is a whitepaper which does not list out how to actually use this tool. has anyone been in contact with this tool, or any effective and successful firewall penentration tesing tools? rdgs Crux --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Wed Aug 20 2003 - 09:48:12 PDT