From: Paul Melson (pmelson@gmail.com)
Date: Fri Mar 03 2006 - 09:24:36 EST
-----Original Message-----
Subject: SGS 5400 firewalls
> anyone ever have to pen test on a network with a SGS 5400 firewall?
wondering if any
> vulnerabilities exist... any info would be great. thanks in advance!
SGS 5400 is Symantec Enterprise Firewall (aka Raptor) on Linux on x86. It's
a proxy-based firewall, and the operating system itself is pretty well
shielded by the firewall. You may find some ideas of services to go after
by reading the documentation:
http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sy
m_gw_security_201_5400/manuals.html
But instead of looking for actual flaws in the product, your time would
probably be better spent looking for flaws in the configuration. For
instance, I would say that it is the exception to find a SEF/Raptor where
the DNS proxy has been set up correctly.
PaulM
------------------------------------------------------------------------------
This List Sponsored by: Lancope
"Discover the Security Benefits of Cisco NetFlow"
Learn how Cisco NetFlow enables cost-effective security across distributed
enterprise networks. StealthWatch, the veteran Network Behavior Analysis (NBA)
and Response solution, leverages Cisco NetFlow to provide scalable,
internal network security.
Download FREE Whitepaper "Role of Network Behavior Analysis (NBA) and Response
Systems in the Enterprise."
http://www.lancope.com/resource/
------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:36 EDT