From: Paul Melson (pmelson@gmail.com)
Date: Tue Mar 14 2006 - 10:25:27 EST
-----Original Message-----
Subject: Re: SGS 5400 firewalls
> Hi Paul,
>
> I am not so sure about that restriction on external access to port 2456. I
believe it comes > open to any of the interfaces (could be wrong on that).
;)
The setup wizard prevents this by default. I can conceive of some instances
where this is done either accidentally or intentionally, but it's not the
default in either case. And under no circumstances should SGMI be open to
the wide world. If it is, that's a finding.
> Also, if the box is running SGS 3.0, SSH server used is the open standard
- you can connect
> to it by using any SSH client. (comes disabled by default).
The 5400's shipped with v2.0.1. They can be upgraded to 3.0, but as I
understand it only the 5600's and 1600's actually arrive with 3.0 already on
them.
PaulM
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
As attacks through web applications continue to rise, you need to proactively
protect your applications from hackers. Cenzic has the most comprehensive
solutions to meet your application security penetration testing and
vulnerability management needs. You have an option to go with a managed
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
Download FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:40 EDT