Penetration Testing mailing list archives

Re: [PEN-TEST] Watchguard firebox II

From: Alex Butcher <alex () S3 INTEGRALIS CO UK>
Date: Wed, 13 Dec 2000 09:54:47 +0000

"Skinner, Tim L." wrote:


Hi,

I am about to pen-test a watchguard firebox II firewall and I have never
worked on one of those before.  Does anyone out there know of common
exploits or problems with these things?


I've never had to go up against one either, so this is probably teaching
you to suck eggs here, but they're based on the Linux kernel, so that
would probably be a good place to start looking for vulnerabilities.
Also, the single example I've seen did some incredibly strange stuff
with the addressing (i.e. the internal interface had the same IP address
as the internal interface of the external router, if I remember
correctly), so don't let that catch you out if that's what you
encounter.

Best Regards,
Alex.
--
Alex Butcher                                      PGP/GnuPG Key IDs:
Consultant, S3 Systems Security Services          alex@s3       B7709088
PGP: http://www.s3.integralis.co.uk/pgp/alex.pgp  alex.butcher@ 885BA6CE

Attachment: alex.vcf
Description: Card for Alex Butcher

Current thread:

[PEN-TEST] Watchguard firebox II Skinner, Tim L. (Dec 13)
- Re: [PEN-TEST] Watchguard firebox II Alex Butcher (Dec 14)
  - Re: [PEN-TEST] Watchguard firebox II Axel Dunkel (Dec 14)
- Re: [PEN-TEST] Watchguard firebox II Talisker (Dec 14)
- Re: [PEN-TEST] Watchguard firebox II Dom De Vitto (Dec 15)
- <Possible follow-ups>
- [PEN-TEST] Watchguard firebox iI Waters, Simon (Dec 13)
- Re: [PEN-TEST] Watchguard firebox II Steve Fallin (Dec 16)