Penetration Testing mailing list archives
Re: RE: Re: Penetration Testing a Firewalled Network
From: "Eagle Fire" <tlecuauhtli () googlemail com>
Date: Wed, 7 Jun 2006 10:12:28 +0100
I am guessing the FW is doing NAT or PAT to allow internal users to reach the Internet. If it is using NAT there should be a one to one relationship between internal and external IPs. If you do some scanning you migth find something usefull. If they are using PAT is more complex because they are using one o few IPs to go from the internal to the external world. My guessing there is that you would need to find any translation running to try to get some info from the inside. -tlec On 7 Jun 2006 02:15:22 -0000, kratzer.jason () gmail com <kratzer.jason () gmail com> wrote:
I do know what is running on the internal network. I suppose the purpose of this is to audit the level of security provided by the firewall itself. I have already found vulnerabilities resident in the VPN and Webserver which would allow me access to the internal network but I would like to see, for personal interests as well as to demonstrate the level of security provided by the firewall, if there was any way to enumerate internal network information due to poorly configure filters. Since the beginning of this audit I have began research into packet manipulation in order to blindly discover available internal hosts and would simply like to know if it was possible to do so across the internet without access to a dmz zone. ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------------
------------------------------------------------------------------------------ This List Sponsored by: CenzicConcerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------
Current thread:
- Penetration Testing a Firewalled Network kratzer . jason (Jun 06)
- Re: Penetration Testing a Firewalled Network James Fryman (Jun 06)
- <Possible follow-ups>
- Re: Re: Penetration Testing a Firewalled Network kratzer . jason (Jun 06)
- Re: Penetration Testing a Firewalled Network James Fryman (Jun 06)
- Re: Re: Penetration Testing a Firewalled Network killy (Jun 07)
- Re: Re: Penetration Testing a Firewalled Network kratzer . jason (Jun 06)
- Re: Penetration Testing a Firewalled Network James Fryman (Jun 07)
- Re: Penetration Testing a Firewalled Network Javier Fernandez-Sanguino (Jun 08)
- Re: Penetration Testing a Firewalled Network James Fryman (Jun 07)
- RE: Re: Penetration Testing a Firewalled Network David M. Zendzian (Jun 06)
- Re: RE: Re: Penetration Testing a Firewalled Network kratzer . jason (Jun 07)
- Re: RE: Re: Penetration Testing a Firewalled Network Eagle Fire (Jun 07)
- Re: RE: Re: Re: Penetration Testing a Firewalled Network kratzer . jason (Jun 07)
- Re: RE: Re: Re: Penetration Testing a Firewalled Network killy (Jun 09)
- Re: Penetration Testing a Firewalled Network Marco Ivaldi (Jun 09)