RE: Firewalls & SSL

["Yoann Le Corvic" <Yoann.LeCorvic () linkvest com>]

Hello
> 1)    How do I determine the router and firewall IPs and
> type of firewalls/router used?
Have you tried the -O option of NMAP, that could at least give you a
guess of the OS on which the firewall is running, and at best, the type
of firewall

> 2)    How can I bypass the firewall to exploit the open
> ports on the servers?
The only thing I can think of here is to use packet fragmentation. That
worked in the past, but more an more firewalls have fixed the problem
> 3)    How can I exploit secured (SSL) web server?
I would think the same way you would do a not secure one. For example,
you can still attempt unicode exploits, wether it is https or not, just
replace http by https. Unless they use authentication as well...

> Appreciate any useful information from anyone out
> there........
>
> Thanks,
> Niumal
>
>
> =====
> Niumal Weerasena
> Mobile : +6 012 - 2112654
> Email : niumal () yahoo com
>
> __________________________________________________
> Do You Yahoo!?
> NEW from Yahoo! GeoCities - quick and easy web site hosting, 
> just $8.95/month.
> http://geocities.yahoo.com/ps/info1
>
> --------------------------------------------------------------
> --------------
> This list is provided by the SecurityFocus Security 
> Intelligence Alert (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security 
> vulnerabilities please see:
> https://alerts.securityfocus.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/