RE: [PEN-TEST] Detecting the presence of a firewall

["Ansar Mohammed" <amohammed () carib-link net>]

Whoops, you are right.
My bad. 
But nevertheless it does retrieve all ips and version information on the
checkpoint box.


> -----Original Message-----
> From: Tyler Shields [mailto:tshields () portal com] 
> Sent: Monday, May 14, 2001 2:28 PM
> To: 'Ansar Mohammed'; 'Penetration Testers'
> Subject: RE: [PEN-TEST] Detecting the presence of a firewall
>
>
> What you are speaking of is the following:
>
> http://www.dataprotect.com/bh2000/
>
> Not released by blackhat but work done by the Dug Song, 
> Thomas Lopatic, and John McDonald released AT blackhat 2000.
>
> --Tyler
>
> -----Original Message-----
> From: Ansar Mohammed [mailto:amohammed () carib-link net]
> Sent: Monday, May 14, 2001 8:41 AM
> To: 'Penetration Testers'
> Subject: RE: [PEN-TEST] Detecting the presence of a firewall
>
>
> Yes there is a way.
>
> A while ago blackhat released an exploit for checkpoint fw-1.
>
> A side effect of the exploit, regardless of wether it works 
> or not is that it displays all ip interfaces of the firewall. 
> However, the firewall rules must allow you to access the 
> management ports.
>
>
> The exploit runs on Linux or OpenBSD. You can find it at 
www.blackhat.com


> -----Original Message-----
> From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM]
> On Behalf Of priya subramanian
> Sent: Monday, May 07, 2001 5:11 AM
> To: PEN-TEST () SECURITYFOCUS COM
> Subject: [PEN-TEST] Detecting the presence of a firewall
>
>
> Pl clarify the following
>
> 1. Are there any means of detecting the presence of a
> checkpoint firewall at a company's premises,  from a remote location.
>
> 2.Knowing one interface of the firewall machine, is it possible for me

> to find the ip addresses of the other interfaces.
>
> Kindly reply at the earliest.
>
> Priya
>
>
>
>
>
>
> ____________________________________________________________
> Do You Yahoo!?
> For regular News updates go to http://in.news.yahoo.com