Penetration Testing mailing list archives

Re: (preparing for)Pentesting firewall /Checkpoint box


From: ml10024 () adreyer com
Date: Tue, 18 Aug 2009 23:01:33 +0100

pent 5971 wrote:
Hi

I would like to ask for your advice on something. I'll have a
penetration test soon in the enterprise and I'm in need that nothing
(configuration mistakes, advice etc. also) would be found on my
Checkpoint R65 boxes (both on Windows and Secure Platform). So what
can you advise me to prepare, and also how can I do a pentest on
these boxes by myself?

Hi,

* Make sure you have the latest HFA on the boxes (R65 HFA50).
* Minimize your rulebase, make it as strict as possible.
* Make sure that the SPLAT UI is not available from the external
  interface, or better, switch it off completely.
* Restrict SSH to internal interfaces if possible.
* Restrict SNMP to internal addresses only.
* Run nmap against internal and external interfaces.
* Make sure that there is no shared infrastructure between
  external, internal and sync interface - these should be
  separated by physically different switches, not just VLANs on
  the same switch!


Regards,
Achim

--
Achim Dreyer                ||
Network Security Consultant || RHCE, RHCA, CCNA, CCSA, CCSE, CCSE+, CSCE
CAcert Assurer              || JNCIS-FW
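
An added example, not part of the message above: one way to turn the nmap step into a repeatable check that the SPLAT UI, SSH and SNMP do not answer on the external interface. It reads nmap grepable output (`-oG`); the port numbers are assumed defaults, the function names are hypothetical, and the scan output is a constructed sample.

```python
"""Flag management services that answer on a firewall's external interface."""
import re

# Assumed default ports for the services named in the checklist; adjust them
# to the gateway's real configuration (the web UI port can be changed).
MGMT_PORTS = {
    ("tcp", 22): "SSH",
    ("tcp", 443): "SPLAT web UI (HTTPS)",
    ("udp", 161): "SNMP",
}

# Constructed sample scan of an external interface (documentation address).
SAMPLE_EXTERNAL = (
    "Host: 192.0.2.1 ()\tStatus: Up\n"
    "Host: 192.0.2.1 ()\tPorts: 22/filtered/tcp//ssh///, "
    "443/open/tcp//https///, 161/open|filtered/udp//snmp///, "
    "500/open/udp//isakmp///\n"
)

def parse_grepable(text):
    """Yield (host, proto, port, state) for every port entry in -oG output."""
    for line in text.splitlines():
        m = re.match(r"Host: (\S+) .*?\tPorts: ([^\t]*)", line)
        if not m:
            continue
        host, ports = m.groups()
        for entry in ports.split(","):
            fields = entry.strip().split("/")
            if len(fields) >= 3 and fields[0].isdigit():
                yield host, fields[2], int(fields[0]), fields[1]

def exposed_management(text):
    """Return management ports that nmap did not see as filtered or closed.

    "open|filtered" (common for UDP) is reported as well: nmap could not
    prove the port is blocked, so it needs a manual check.
    """
    findings = []
    for host, proto, port, state in parse_grepable(text):
        service = MGMT_PORTS.get((proto, port))
        if service and state.startswith("open"):
            findings.append((host, f"{port}/{proto}", service, state))
    return findings

if __name__ == "__main__":
    for finding in exposed_management(SAMPLE_EXTERNAL):
        print("EXPOSED on external interface: %s %s %s (%s)" % finding)
```

Run it against separate scans of the external and internal interfaces; an empty result for the external scan is the expected outcome.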
