Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: (citrix testing)

From: ed.rolison () itc alstom com
Date: Wed, 13 Feb 2002 08:35:55 +0000

I don't think that script will be hugely useful for pen-testing.
Basically what it does is replay a packet dump of the initial server
discovery handshake.
Broadcast on port 1604, replays the packet, waits for the response and
greps for 'key' strings.
(Wahey netcat)
It works well enough to grab a list of published applications on the citrix
server, which is
ideal for system monitoring.

Cheers
Ed Rolison





Sam Bracke <sam () crashdot be> on 12/02/2002 16:03:30

To:   pen-test () securityfocus com
cc:   dhavanmehta () hotmail com

Subject:  Re:


There's a citrix monitoring script available for the Big Brother (BB4)
monitoring system:

http://www.bb4.com
http://www.deadcat.net/cgi-bin/download.pl?section=1&file=bb-citrix.sh

Hope this helps

cheers
-Sam

On Thursday 01 January 1970 00:59,  wrote:

Received: (qmail 31313 invoked from network); 11 Feb 2002 19:26:47 -0000
Sender: root () atstake com
Message-ID: <3C681B5E.9B1D0F71 () atstake com>
Date: Mon, 11 Feb 2002 14:28:30 -0500
From: Dave Aitel <daitel () atstake com>
X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.4.2-2 i686)
X-Accept-Language: en
MIME-Version: 1.0
To: Dhavan Mehta <dhavanmehta () hotmail com>
Cc: pen-test () securityfocus com
Subject: Re: citrix systems audit program/Minimum Baseline Standards
References: <F137BnccYTjr8cU6xfP00010649 () hotmail com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Nopes. But there's a citrix fuzzer built into SPIKE at
spike.sourceforge.net.


(new version out real soon now with an even-more-useless halflife fuzzer.
:>)

-dave

Dhavan Mehta wrote:

Hi Folks,

Does anybody have an audit program/MBS for reviewing citrix systems?
Any help will be greatly appreciated.

Thanks in advance
Dhavan

_________________________________________________________________
MSN Photos is the easiest way to share and print your photos:
http://photos.msn.com/support/worldwide.aspx



-------------------------------------------------------------------------

--- This list is provided by the SecurityFocus Security Intelligence

Alert

(SIA) Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities


 please see:

https://alerts.securityfocus.com/




---------------------------------------------------------------------------

- This list is provided by the SecurityFocus Security Intelligence Alert
(SIA) Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please

see:

https://alerts.securityfocus.com/


----------------------------------------------------------------------------

This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/









CONFIDENTIALITY:
This e-mail and any attachments are confidential and may be privileged. If
you are not a named recipient, please notify the sender immediately and do
not disclose the contents to another person, use it for any purpose, or
store or copy the information in any medium.


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: