Penetration Testing mailing list archives
Re: Pen Testing Tippingpoint
From: TStark <stark.ironman () gmail com>
Date: Tue, 19 Jun 2007 12:52:28 -0400
Good info, as you suggested, I'm going to discuss this with our SE. I appreciate the great response to my question, I only hope I can help someone in return! Through my assessment I found that the server group set up a honeypot for me to hit rather than a normal server, they've asked me to now tell them the name of the actual software they are using, but I'm going to make this a seprate question. Thanks again for the help everyone!! On 6/14/07, Joey Peloquin <joeyp () cotse net> wrote:
Michael Scheidell wrote: >> -----Original Message----- >> From: listbounce () securityfocus com >> [mailto:listbounce () securityfocus com] On Behalf Of TStark >> Sent: Saturday, June 09, 2007 7:48 PM >> To: pen-test () securityfocus com >> Subject: Pen Testing Tippingpoint >> >> >> Hello, >> >> I am planning on pen testing a Tippingpoint appliance, I >> think it's a 200e, I'm looking for some suggestions on what >> to use to pen test this thing. I haven't found a Nessus plug >> in to help test this appliance, I'd bet there is one out >> there somewhere. >> >> Any information to help me test/penetrate Tippingpoint would >> be very helpful, I'd like to make sure we test this thing >> well before we shell out that kind of dough. >> > > Generally speaking, it has been a good device (I am a competitor, not a > user). <snip> Disclaimer: I'm a happy, and loyal, TippingPoint customer. Michael, as a competitor, I'd expect you to know more about TippingPoint's shortcomings (as few and far between as they are) :) The latest vuln for TP actually doesn't involve the UI at all; http://www.3com.com/securityalert/alerts/3COM-07-001.html ..but it also wasn't around for very long (fixed in the next DV). You get what you pay for. There's been a few DoS vulns over the years, but other than that, nothing really serious, that was disclosed anyway. Although my team conducts assessments and pen-tests as part of our daily routine, I didn't tackle the TP evaluation like an engagement. These guys do this for a living..if an IT security guy could "pen-test" the box, i.e., go after and _get_ a trophy, I doubt 3Com would have bought them (and we sure as hell wouldn't). I also know only a handful of individuals that possess the SICK skills necessary to disassemble a TP box to the point that you find a component worth attacking. That said, I approached the evaluation from the perspective of an attack simulation, testing latency while under attack (with and without load-you can use tomahawk to generate load), while pushing DVs and/or policy changes, etc. There's lots of tools out there, and you're really only limited by your imagination. Grab HD's metasploit to start, put on your "hacker" hat, and let your imagination go crazy. Also, if you do find something wrong, please document and report it to TP. I found problems with two signatures, and they got it fixed before my eval concluded. Finally, if you're curious about Tomahawk, TP used to loan a complete rig out to prospects for testing, so check with your SE. Good luck! -jp
------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
Current thread:
- Pen Testing Tippingpoint TStark (Jun 10)
- Re: Pen Testing Tippingpoint Zed Qyves (Jun 11)
- Re: Pen Testing Tippingpoint John Lampe (Jun 15)
- <Possible follow-ups>
- RE: Pen Testing Tippingpoint Michael Scheidell (Jun 10)
- RE: Pen Testing Tippingpoint Clemens, Dan (Jun 11)
- Re: Pen Testing Tippingpoint Joey Peloquin (Jun 15)
- Re: Pen Testing Tippingpoint TStark (Jun 19)
- RE: Pen Testing Tippingpoint WALI (Jun 15)
- RE: Pen Testing Tippingpoint Jeremiah Brott (Jun 11)