RE: (preparing for)Pentesting firewall /Checkpoint box

[Gorgon Beast <gorgonbeast () hotmail com>]

First, don't be afraid of the audit.  A few years ago I went to a seminar on Ultimate Pen Testing with my boss.  The 
instructor asked, "Who would like to volunteer their site for a test?"  My hand shot up, and my boss went into panic 
mode.

My thinking here is, what a great way to find out what is wrong before the bad guys find it.  My boss subscribed to the 
"Ignorance is bliss and I'm very happy" method of security.  As it turned out, we had one thing wrong.  The corporate 
guys snickered at us till they got scanned and discovered 7 holes.

That said, I would use some tools to investigate your own network, like OpenVAS, Nessus, NMAP, etc until you feel 
comfortable with your network.  It's amazing how many little things you can fix in a short period of time, if you know 
about them.  


> I would like to ask for your advice on something. Ill have a
> penetration test soon in the enterprise and im need of that nothing
> (configuration mistakes advices etc also) would be found on my
> Checkpoint R65 boxes (both on Windows and Secure Platform) . So what
> can you advice for me to prepare and also how can i do a pentest to
> these boxes by myself?


_________________________________________________________________
With Windows Live, you can organize, edit, and share your photos.
http://www.windowslive.com/Desktop/PhotoGallery
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------