From: WALI (hkhasgiwale@gmail.com)
Date: Tue Jun 12 2007 - 12:25:39 EDT
Tipping Point has made one of it's own testing tool, freely available for use,
http://tomahawk.sourceforge.net/
A bit hard to configure but if you are a linux pro, shouldn't be an issue.
If not, this should suit your needs:
http://www.karalon.com/trafficiqbasic.htm
HTH
At 08:44 AM 6/10/2007 -0400, Michael Scheidell wrote:
> > -----Original Message-----
> > From: listbounce@securityfocus.com
> > [mailto:listbounce@securityfocus.com] On Behalf Of TStark
> > Sent: Saturday, June 09, 2007 7:48 PM
> > To: pen-test@securityfocus.com
> > Subject: Pen Testing Tippingpoint
> >
> >
> > Hello,
> >
> > I am planning on pen testing a Tippingpoint appliance, I
> > think it's a 200e, I'm looking for some suggestions on what
> > to use to pen test this thing. I haven't found a Nessus plug
> > in to help test this appliance, I'd bet there is one out
> > there somewhere.
> >
> > Any information to help me test/penetrate Tippingpoint would
> > be very helpful, I'd like to make sure we test this thing
> > well before we shell out that kind of dough.
> >
>
>Generally speaking, it has been a good device (I am a competitor, not a
>user).
>At $13K to $15K, its not such a bad purchase, if you are looking for an
>IPS, and is peanuts to the cost of the people you want to watch it 24/7.
>(the 4 or 5 people it takes to watch it 24/7 cost you, what?)
>
>I seriously doubt you can hack it, or DOS it from the outside.
>MAYBE, just MAYBE, you can find something to do to the internal
>management interface, but that is unlikely also.
>
>Just get some IPS testing software (most of it written by
>3com/tippingpoint) and see if it suffers any delays or packet losses in
>your environment.
>
>If you find a problem, you could always send it to ZDI and they will pay
>you for it ;-) (ZDI owned by Tippingpoint/3com)
>
>--
>Michael Scheidell, CTO
>SECNAP Network Security Corporation
>Keep up to date with latest information on IT security: Real time
>security alerts:
>http://www.secnap.com/news
>
>
>_________________________________________________________________________
>This email has been scanned and certified safe by SpammerTrap(tm).
>For Information please see http://www.spammertrap.com
>_________________________________________________________________________
>
>------------------------------------------------------------------------
>This List Sponsored by: Cenzic
>
>Are you using SPI, Watchfire or WhiteHat?
>Consider getting clear vision with Cenzic
>See HOW Now with our 20/20 program!
>
>http://www.cenzic.com/c/2020
>------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:52 EDT