Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Pentesting Old unsupported Firewall Appliances

from [Clemens, Dan] Network Security [Permanent Link]
Subject: RE: Pentesting Old unsupported Firewall Appliances
Date: Fri, 15 Jun 2007 13:22:57 -0500 
 



On 11/06/07, Harold Castro <b0ydaem0n@yahoo.com> wrote:

Hi,

...

Since I'm doing an external black box pentest, I have to rely on some 
tools for OS fingerprinting. Nmap guesses it to be either Nokia IPSO 
4.0 or 4.1Build19.
Now I tried googling for that particular appliance
(IP650) and I found out that the appliance is too old as its existence



dates back as early as 1999. I'm having a hard time trying to find 
anything that can be useful for this


IP650 is the hardware model.
The IP650 model is fairly old, but you can still run newer versions of
IPSO (operating system) on it.

IPSO 4.1Buildxxx would be the operating system version and Checkpoint is
the application running on the operation system.

IPSO is a bsd based os and IPSO Build019 was released on 09/21/2006.

The most recent IPSO build/rev is IPSO 4.2 Build 041 which was released
on 05/24/2007.

I don't recall there being any real security issues with IPSO since this
release but I could be wrong.
Most IPSO updates & enhancements don't focus around security bug fixes
but functionality bug fixes.

Assuming your results are correct it may be more accurate that the
firewall device is doing port forwarding to another system for the other
results that had been mentioned.

If I was doing this assessment I wouldn't worry that much about the IPSO
rev level, but what services are open on this box remotely from the
internet and vulnerabilities in other hosts (and or problems in the
checkpoint rev running on the ipso).

Hope this information helps.

Daniel Clemens








-----------------------------------------
Confidentiality Notice: This e-mail communication and any
attachments may contain confidential and privileged information for
the use of the designated recipients named above. If you are not
the intended recipient, you are hereby notified that you have
received this communication in error and that any review,
disclosure, dissemination, distribution or copying of it or its
contents is prohibited. If you have received this communication in
error, please notify me immediately by replying to this message and
deleting it from your computer. Thank you.

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Firewall Leak Testing Was Re: Pentesting Old unsupported Firewall Appliances, mOses
Next by Date:  Pen Testing Finjan Appliance, sherwyn . williams
Previous by Thread:  Re: Pentesting Old unsupported Firewall Appliances, Jamie Riden
Next by Thread:  Re: Pentesting Old unsupported Firewall Appliances, Tiago Batista
Indexes:  [Date] [Thread] [Top] [All Lists]