Re: [PEN-TEST] Source Routing and MS Proxy 2.0

[Sandro Gauci <Sandro () GFI COM>]

There is an article on this by Mnemonix

http://www.infowar.co.uk/mnemonix/proxy.htm


Regards,

Sandro.

-----Original Message-----
From: erica bernt [mailto:erica_bbb () YAHOO COM]
Sent: Monday, August 21, 2000 1:36 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Source Routing and MS Proxy 2.0


Hi Everyone,

I will be doing some authorized penetration testing on
a MS Proxy 2.0 server connected to the internet. I see
that there is a
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0909
potential source routing attack that is possible.

Have any of you had success with such a test ? Which
utilities do you use for the source routing ? Is the
loose source routing facility in netcat good enough ?

I would be grateful of any suggestions and hints as to
go about my penetration test of MS Proxy and of useful
source routing tools.

thanks Erica





__________________________________________________
Do You Yahoo!?
Yahoo! Mail - Free email you can access from anywhere!
http://mail.yahoo.com/


GFI - Security & communications products for Windows NT/2000
http://www.gfi.com

**********************************************************
This mail was content checked for malicious code or viruses
by Mail essentials. Mail essentials for Exchange/SMTP is an
email security, content checking & anti-virus gateway that
removes all types of email-borne threats before they can affect
your email users. Spam, viruses, dangerous attachments & offensive
content can be removed before they reach your mail server.
In addition it has server-based email encryption, disclaimers
and other email features.
***********************************************************

In addition to Mail essentials, GFI also produces the FAXmaker
fax server product range & LANguard internet access control &
intrusion detection. For more information on our products please
visit http://www.gfi.com