Penetration Testing mailing list archives

Re: win2000

From: Alex Butcher <alex () s3 integralis co uk>
Date: Fri, 06 Jul 2001 10:10:29 +0100

walter valenti wrote:

I'm doing a pen test on a network via VPN with CheckPoint SecureClient.

I can't use a Linux box, why the customer not provides us the client for
linux but only for win98,NT,2000.


Sadly, there is no native SecureClient product for Linux yet. FreeS/WAN
<http://www.freeswan.org/> gives IPSec capabilities to Linux but will
require configuration on the firewall side as a VPN site. Your customer
may not be prepared to do this.

I use 2000, why using NT the nmap(nt) don't work on a VPN.

=> I'v got two problem: find a good and efficient tool for 2000 like
NESSUS;
built the raw socket on 2000 (the Net::RawIP of Perl is only for *nix),
there is some library in C?


I would use <http://www.phoneboy.com/faq/0244.html> as a starting point
and use my usual collection of *nix tools. You'll need to make sure the
customer isn't using the firewall component of SecureClient to enforce a
security policy on the *client* machines *as well* as the firewall (as
per <http://www.phoneboy.com/faq/0390.html>).

Best Regards,
Alex.
-- 
Alex Butcher                                      PGP/GnuPG Key IDs:
Consultant, S3 Systems Security Services          alex@s3       B7709088
PGP: http://www.s3.integralis.co.uk/pgp/alex.pgp  alex.butcher@ 885BA6CE

--------------------------------------------------------------------------------------

This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service
For more information on SecurityFocus' SIA service which automatically alerts you to 
the latest security vulnerabilities please see:

https://alerts.securityfocus.com/

Current thread:

win2000 walter valenti (Jul 05)
- Re: win2000 Joe Shaw (Jul 05)
- Re: win2000 H D Moore (Jul 05)
- Re: win2000 Alex Butcher (Jul 06)
- <Possible follow-ups>
- RE: win2000 Dawes, Rogan (ZA - Johannesburg) (Jul 06)