Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Gnat Box Query

From: "Disposable Acct" <dispacct () hotmail com>
Date: Fri, 28 Mar 2003 12:46:13 +0000



Hi,
Pen-testing a network and have gained full access. I know the network is running a GNAT Box as one of its firewalls. It is also running a web interface for this box.
The access I have gained is not through this box but I was wondering if there is any information out there on know vulnerabilities of these firewalls (apart from BID 6011 - a DOS). Since I can access the machine the GNAT box is running on where can I find the logins/psses? Are they encrypted - is there a decrypter utility out there? Can I manually adjust the firewall behaviour by modifying files on that machine from the command line?
I have the network SAM._ which I have run through LC4 but the main Admin passes don't work. 

Thanks





_________________________________________________________________
Surf together with new Shared Browsing http://join.msn.com/?page=features/browse&pgmarket=en-gb&XAPID=74&DI=1059 


top spam and e-mail risk at the gateway.
SurfControl E-mail Filter puts the brakes on spam & viruses
and gives you the reports to prove it. See exactly how much
junk never even makes it in the door. Free 30-day trial:
http://www.surfcontrol.com/go/zsfptl1
Previous By Date Next
Previous By Thread Next

Current thread: