Re: Plugin for tcp/1034 authentication port in Checkpoint Fw-1

From: Michel Arboi (mikhailat_private)
Date: Fri Apr 11 2003 - 10:36:36 PDT

Next message: sulloat_private: "service ident for find_service.nes"

Previous message: Christophe BRIGUET: "Re: Plugin for tcp/1034 authentication port in Checkpoint Fw-1"
In reply to: Christophe BRIGUET: "Plugin for tcp/1034 authentication port in Checkpoint Fw-1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Christophe BRIGUET <cbriguetat_private> writes:

>  script_version ("$Revision: 0.1 $");

Leave this to "$Revision$", CVS will set it

> FireWall-1 4.1 SP1 and later support using Session Authentication
> over SSL.

If this implements Telnet over SSL, your plugin is wrong, as Nessus
will silently negociate SSL/TLS if needed.

>  data = get_telnet_banner(port: port);
>  if(data)
>  {

Here, you have to add some check like:
if (get_port_transport(port) == ENCAPS_IP) ...

>   if("Check Point FireWall-1 authenticated Telnet server running on" >< data)
>         security_warning(port);

Next message: sulloat_private: "service ident for find_service.nes"
Previous message: Christophe BRIGUET: "Re: Plugin for tcp/1034 authentication port in Checkpoint Fw-1"
In reply to: Christophe BRIGUET: "Plugin for tcp/1034 authentication port in Checkpoint Fw-1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 11 2003 - 10:36:49 PDT