From: Fabio Pietrosanti (naif) (naif@sikurezza.org)
Date: Tue May 28 2002 - 06:29:36 EDT
I'm also working on the evaluation of the products, not only from the security
point of view but also from the "management" point of view .
The box has 3 level of security:
- Low
Internal Network can go outside with every protocol
External Network can "ping" external interface of the s-box
- Medium
Internal Network can go outside with every protocol
External Network can't "ping" external interface of the s-box
- High
Internal Network can go outside only for "certain" protocol
External Network can't "ping" external interface of the s-box
The core of the technology is checkpoint so if you are looking for specific
bug in the implementation of the "firewalling feature" you have to break
checkpoint.
The things that you make wish to "audit" and that you will probably find vulnerable (
because the products is very young ) is:
- Management of the box from the internal network ( the webserver on the s-box
) that make intensive use of javascript and if think could be very easy to
bypass authentication
- Management of the box through SMP ( the web based console on the ISP NOC )
that use "a lot" of different program so probably there will be "a lot" of
vulnerability and misconfiguration .
Also i think that in the future will be implemented feature like an snmp agent
( beeing linux could be a vulnerable ucd-snmp ? ) and other things like that.
The most wonderfull thing to try is to reverse the box and find out how to
install a custom version of linux without checkpoint but using iptables .
If so you can have a 5 interface firewall with 2x8mb of flash and 32mb of ram
based on a 133mhz MIPS processor. Good? :)
Sorry for my not so good english...
Regards
On Fri, May 24, 2002 at 10:07:19AM -0400, Kevin Dwyer wrote:
> Hello pen-test,
>
> I'm currently completing an evaluation of SofaWare's S-box
> firewall. It is a small embedded device that runs Linux and Checkpoint.
> Naturally, this is for lower end customers who don't need ultra-flexible
> rulesets and such. That said, I'm interested in hearing if anyone in the
> community has come across one of these devices and what their experiences
> were like. Have you found any gaping security issues? Any showstoppers?
-- Fabio Pietrosanti ( naif ) E-mail: naif@sikurezza.org - naif@blackhats.it PGP Key (DSS) http://naif.itapac.net/naif.asc -- "Hacking is the future of security research" R.Power, CSI Free advertising: www.openbsd.org Multiplatform Ultra-secure OS ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:21 EDT