Penetration Testing mailing list archives
Re: [PEN-TEST] Novell ICS appliance and iChain
From: Graeme Fowler <graeme.f () WEBFUSION CO UK>
Date: Thu, 23 Nov 2000 09:54:59 -0000
Dave Edwards wrote:
Subject: [PEN-TEST] Novell ICS appliance and iChain
Anyone had a look at these yet?
In a previous job I had a play with an ICS last year, in another guise whilst it was being test marketed. We broke it in a matter of seconds by sending the proxy server a TCP CONNECT request which then connected to its' own chargen port. I believe this may have been fixed - however any vendor daft enough to leave a box in that state during testing *must* have left some other holes in it somewhere... Graeme
Current thread:
- [PEN-TEST] Novell ICS appliance and iChain Edwards, David (JTD) (Nov 23)
- Re: [PEN-TEST] Novell ICS appliance and iChain Graeme Fowler (Nov 24)
- [PEN-TEST] Audit Tools in pentests Erick Arturo Perez Huemer (Nov 24)
- Re: [PEN-TEST] Audit Tools in pentests Talisker (Nov 24)