Nmap Development mailing list archives
Re: nmap mapping fw's
From: Bo Cato <jcato73 () comcast net>
Date: Thu, 9 Oct 2003 18:51:07 -0400
Firstly blackice defender (which I assume is what is on your laptops) doesn't block icmp via any GUI setting you can make. Although if you are slick you can edit the blackice config file by hand to accomplish this. Secondly where exactly are you scanning from? Inside or outside? The Pix by default has nice security 0 and 100 levels that protect even the most ignorant admins. It's the admins with a "little" bit of knowledge that the Pix can't even protect since insecure access lists and conduit statements can rip huge holes into anything. Checkpoint fw1 is all about defining your objects and rules correctly. Without any information it's hard to answer your question but you may want to ponder this. You ever play catch as a kid? Ya know, you throw a ball and someone catches it. Apply that on a network level and you'll have your most basic assessment. For something comprehensive try www.nessus.org, which... by the way... uses nmap, runs hundreds of tests, and can even make nice picture pie charts for the management cattle to graze on. You may want to do yourself a favor and read a white paper or two on pen testing since your employer is apparently depending on you for their security or lack of it. Hello jaye, Thursday, October 09, 2003, 2:38:04 PM, you wrote: jhc> -----BEGIN PGP SIGNED MESSAGE----- jhc> Hash: SHA1 jhc> How do people map firewalls (blackice, checkpoint fw1 and pix) with nmap, jhc> if at all? We've been tasked with using nmap for Asset management, jhc> which is cool, but all of our laptops have blackice on them now. I already jhc> do these scans with the P0 option, but I was looking for more ideas on jhc> this. jhc> thank you jhc> Jaye Gettes jhc> -----BEGIN PGP SIGNATURE----- jhc> Note: This signature can be verified at https://www.hushtools.com/verify jhc> Version: Hush 2.3 jhc> wkYEARECAAYFAj+FqdAACgkQhQwe0z0ejgfuOACguNdGGsAn0syk0EMrUCj1DgLQQf0A jhc> n3HFTDlt3JigS8WEZhhHanuy9WkX jhc> =RLpl jhc> -----END PGP SIGNATURE----- jhc> --------------------------------------------------------------------- jhc> For help using this (nmap-dev) mailing list, send a blank email to jhc> nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org). -- Best regards, Bo mailto:jcato73 () comcast net --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Current thread:
- nmap mapping fw's jaye_gettes (Oct 09)
- Re: nmap mapping fw's Bo Cato (Oct 09)