Firewall Wizards mailing list archives
Re: Question about setting up PIX firewall
From: James <jimbob.coffey () gmail com>
Date: Fri, 2 Dec 2005 14:19:19 +1100
On 11/17/05, Paul D. Robertson <paul () compuwar net> wrote:
> On Tue, 8 Nov 2005, Carric Dooley wrote:
>
>> Matthew... posting your firewall config (esp. in its entirety, and apparently mostly unchanged) is a HUGE no-no. Someone footprinting your company now has a lot of good info how to smack you down...
>
> If your ruleset is sane, it really shouldn't matter. Just like posting the source to encryption algorithms, it's only really an issue if you have a significant flaw. No gaping holes and there shouldn't be anything an

I would strongly disagree, Paul. We can learn an enormous amount of recon intelligence from Matthew's config.

1. We know he is using a PIX so we only have to look for exploits for that.

2. Domain name ->
   domain-name spectrumdirect.local
   and dns server
   vpngroup SpectrumDirect dns-server 192.168.1.250 192.168.1.250

3. His rfc1918 subnet ->
   192.168.1.128 255.255.255.128
   Which we may be able to exploit with source routed packet attacks. (I am not sure how well the PIX stands up to these)

3. He is using a client to site vpn with split tunnelling enabled so if we could find a user's home PC and compromise it we could gain a significant amount of access while the user is connected to the vpn.

4. We know the vpn config so we can easily get our hands on the cisco vpn client and try to BF the password because the AUTH is LOCAL and the BF attempt probably won't be detected.

5. telnet 192.168.1.0 255.255.255.0 inside
   Telnet is used to administer the box so if we can compromise the web server inside we can probably sniff the pix password and allow ourselves whatever access we want.

These are just a few ideas I pulled off the top of my head.

Matthew Davis, if you are reading this I strongly advise you to request the firewall wizards mailing list pull your post off their servers and also request google to do the same; however, more than likely your post has already been cached and/or skimmed.

--
James
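
An added example, not part of James's message or the original thread: a small Python filter that replaces the identifiers the message points to (domain name, VPN group name, addresses) with stable placeholders before a PIX configuration is shared. The `Sanitizer` class and the placeholder format are assumptions made here; the sample lines are the ones quoted in the message.

```python
import ipaddress
import re

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def is_netmask(text):
    """True for contiguous masks (255.255.255.128, 0.0.0.0); kept so rules stay readable."""
    n = int(ipaddress.IPv4Address(text))
    inv = ~n & 0xFFFFFFFF
    return (inv & (inv + 1)) == 0

class Sanitizer:
    """Hypothetical helper: maps each real identifier to one stable placeholder."""

    def __init__(self):
        self.map = {}  # (kind, real value) -> placeholder

    def _alias(self, kind, value):
        key = (kind, value)
        if key not in self.map:
            n = sum(1 for k in self.map if k[0] == kind) + 1
            self.map[key] = f"<{kind}-{n}>"
        return self.map[key]

    def _addr(self, match):
        text = match.group(0)
        try:
            if is_netmask(text):
                return text
        except ValueError:  # dotted number that is not a valid IPv4 address
            return text
        return self._alias("addr", text)

    def line(self, raw):
        words = raw.split()
        # Second word of these directives is a site-specific name.
        if len(words) >= 2 and words[0] in ("domain-name", "vpngroup"):
            kind = "domain" if words[0] == "domain-name" else "group"
            words[1] = self._alias(kind, words[1])
        return IPV4.sub(self._addr, " ".join(words))

    def config(self, text):
        return "\n".join(self.line(l) for l in text.splitlines())

# Sample input: the three configuration lines quoted in the message above.
SAMPLE = """\
domain-name spectrumdirect.local
vpngroup SpectrumDirect dns-server 192.168.1.250 192.168.1.250
telnet 192.168.1.0 255.255.255.0 inside
"""

if __name__ == "__main__":
    print(Sanitizer().config(SAMPLE))
```

The placeholders hide identifiers only: the design choices the message lists (split tunnelling, local authentication, telnet management) are still readable in the sanitized text.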