hi ya

On Mon, 25 Aug 2003, Sasa Jusic wrote:

> Hi everyone,
>
> This interesting discussion about firewall enumeration tools, made me ask
> one closely related question.
>
> I would like to know what are the usual steps when doing a pen test on the
> firewall?

http://www.Linux-Sec.net/Firewall/Testing/
  - lots of to dos .. and mostly management, security policy
    and enforcement

> Besides looking for potential vulnerabilities in the actual firewall device
> (by running some of the vulnerability scanning tools like Nessus, ISS,
> Retina etc),

after finding open ports .. find any new patches for the apps
running on those ports

> I am also interested in other automated or manual tests which
> could be useful for finding other potential security weaknesses
> (configuration errors, VPN services etc.).

for the above ..
  - use of same loginID for various services
    ( email, ssh, vpn, ppp, ... )

  - use of bad ( easily guessed ) passwds
    run your favorite passwd crackers
    http://www.Linux-Sec.net/Audit/Tools.pwd/

c ya
alvin

> I know that this is a very general question, and that it depends on the
> situation and environment where the tests are made, but I would like to hear
> some general ideas and techniques from people with experience in this area.
This archive was generated by hypermail 2b30 : Mon Aug 25 2003 - 13:11:12 PDT