RE: SGS 5400 firewalls

From: Darren Webb (spyder007@charter.net)
Date: Sun Mar 12 2006 - 03:58:55 EST

• Next message: Bo Voigt: "SV: OWA configurations"
• Previous message: Ken Kousky: "RE: VOIP: RTP vs SRTP"
• In reply to: e.lewis@infosecurityconsult.com: "SGS 5400 firewalls"
• Next in thread: Paul Melson: "RE: SGS 5400 firewalls"
• Reply: Paul Melson: "RE: SGS 5400 firewalls"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

You might want to start by looking for TCP port 2456. This is the SSL web
based management port. Admin is a good username to start with. Also look
for TCP port 22 (i.e. OpenSSH).

Be advised, if the admins are smart, they have added filters to protect
these ports external connections. The logging is also very good so whatever
you try, they should notice it.

Darren

-----Original Message-----
From: e.lewis@infosecurityconsult.com
[mailto:e.lewis@infosecurityconsult.com]
Sent: Thursday, March 02, 2006 10:35 AM
To: pen-test@securityfocus.com
Subject: SGS 5400 firewalls

anyone ever have to pen test on a network with a SGS 5400 firewall?
wondering if any vulnerabilities exist... any info would be great. thanks in
advance!

elizabeth

----------------------------------------------------------------------------

--
This List Sponsored by: Lancope
"Discover the Security Benefits of Cisco NetFlow"
Learn how Cisco NetFlow enables cost-effective security across distributed
enterprise networks. StealthWatch, the veteran Network Behavior Analysis
(NBA) and Response solution, leverages Cisco NetFlow to provide scalable,
internal network security. 
Download FREE Whitepaper "Role of Network Behavior Analysis (NBA) and
Response Systems in the Enterprise."
http://www.lancope.com/resource/
----------------------------------------------------------------------------
--
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security? 
As attacks through web applications continue to rise, you need to proactively 
protect your applications from hackers. Cenzic has the most comprehensive 
solutions to meet your application security penetration testing and 
vulnerability management needs. You have an option to go with a managed 
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). 
Download FREE whitepaper on how a managed service can help you: 
http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------------

• Next message: Bo Voigt: "SV: OWA configurations"
• Previous message: Ken Kousky: "RE: VOIP: RTP vs SRTP"
• In reply to: e.lewis@infosecurityconsult.com: "SGS 5400 firewalls"
• Next in thread: Paul Melson: "RE: SGS 5400 firewalls"
• Reply: Paul Melson: "RE: SGS 5400 firewalls"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:40 EDT