
[NESSUS] Scanning firewalls e.g. ISA 2006

Subject: [NESSUS] Scanning firewalls e.g. ISA 2006
Date: Wed, 23 Apr 2008 10:19:58 +0200
Dino

Firewalls are always a pain to scan as they will throw up ghost ports and
devices, have different "looks" depending on where you scan from, and drop most
packets, resulting in very slow scan times.
In my experience you get very little information for a high degree of
effort.
ISA need not be too different.

Your question is a bit unclear - let me explain:

It depends what you want to test.

In my experience, if you want to see how well the firewall works, you need
to find out what gets through in spite of the ISA server.
You would thus need to scan a device behind it rather than scan the ISA
firewall itself.

On the other hand, I believe that if you want to test the security of the
underlying server and the correctness of the ISA set-up and configuration,
you may be better off using "white box" tools such as DISA/NIST STIGs,
CISecurity.org templates and scoring programs run locally using user and/or
admin rights, rather than throwing a VA scanner at it.

Albert

anon.: our job is so secret even we do not know what we am doing!

---------- Forwarded message ----------
From: Francis D. Lorenzana <Francis.D.Lorenzana@jpl.nasa.gov>
Date: 22.04.2008 19:24
Subject: Scanning ISA 2006
To: nessus@list.nessus.org

Has anyone ever scanned a Windows ISA Server 2006 or 2007? (Is there a
2007?). The ISA Server doesn't seem to allow me to scan it. The SA says he
has to uninstall ISA in order for the system to be scanned. Does this sound
right?
Dino

Francis D. "Dino" Lorenzana | Computer Security Analyst
Information Technology Security Group  | E-Mail:
Francis.D.Lorenzana@jpl.nas.gov
Office of the Chief Information Officer | Phone: (818) 393-3853
Jet Propulsion Laboratory | Cell: (818) 653-2794
M/S 602-149  | Fax: (818) 393-1377
4800 Oak Grove Drive
Pasadena, CA 91109-8099




_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus