Penetration Testing mailing list archives
Re: (preparing for)Pentesting firewall /Checkpoint box
From: Wim Remes <wremes () gmail com>
Date: Wed, 19 Aug 2009 00:43:33 +0200
Hi,

you might want to run nipper (http://nipper.titania.co.uk) against your config. If you can't change what is reported by nipper, at least you can find answers to questions before your auditor asks them...
Cheers,
W

On 19 Aug 2009, at 00:01, ml10024 () adreyer com wrote:

> pent 5971 wrote:
> > Hi
> > I would like to ask for your advice on something. I'll have a penetration test soon in the enterprise and I'm in need that nothing (configuration mistakes, advice, etc. also) would be found on my Checkpoint R65 boxes (both on Windows and Secure Platform). So what can you advise for me to prepare and also how can I do a pentest to these boxes by myself?
>
> Hi,
>
> * Make sure you have the latest HFA on the boxes (R65 HFA50).
> * Minimize your rulebase, make it as strict as possible
> * make sure that the SPLAT UI is not available from the external interface or better switch it off completely
> * restrict SSH to internal interfaces if possible
> * restrict SNMP to internal addresses only
> * run nmap against internal and external interfaces
> * make sure that there is no shared infrastructure between external, internal and sync interface - these should be separated by physically different switches, not just VLANs on the same switch!
>
> Regards,
> Achim
>
> --
> Achim Dreyer || Network Security Consultant || RHCE, RHCA, CCNA, CCSA, CCSE, CCSE+, CSCE
> CAcert Assurer || JNCIS-FW
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
> http://www.iacertification.org
> ------------------------------------------------------------------------
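An added example, not part of the original posts: one way to turn the quoted checklist items "run nmap against internal and external interfaces" and "restrict SSH/SNMP/SPLAT UI to internal" into a repeatable check over nmap's grepable (`-oG`) output from a scan of your own firewall. The port numbers, addresses and function names are assumptions made for illustration, and the scan output is a constructed sample.

```python
import re

# Management services the checklist says must not answer on the external side.
# Port numbers are common defaults and an assumption; adjust to your deployment.
MGMT_PORTS = {
    (22, "tcp"): "SSH",
    (161, "udp"): "SNMP",
    (443, "tcp"): "web management UI",
}

# Constructed sample of `nmap -oG` output (documentation/private addresses).
SAMPLE_SCAN = (
    "# Nmap scan (constructed sample)\n"
    "Host: 203.0.113.10 ()\tPorts: 22/open/tcp//ssh///, 443/filtered/tcp//https///, "
    "161/open|filtered/udp//snmp///\tIgnored State: closed (997)\n"
    "Host: 10.0.0.1 ()\tPorts: 22/open/tcp//ssh///, 161/open/udp//snmp///\n"
)

def parse_grepable(text):
    """Yield (ip, port, proto, state) for every port entry in -oG output."""
    for line in text.splitlines():
        m = re.match(r"Host: (\S+) .*?\tPorts: ([^\t]*)", line)
        if not m:
            continue
        ip, ports = m.groups()
        for entry in ports.split(","):
            # Each entry is port/state/protocol/owner/service/rpcinfo/version/
            fields = entry.strip().split("/")
            if len(fields) >= 3 and fields[0].isdigit():
                yield ip, int(fields[0]), fields[2], fields[1]

def external_exposure(text, external_ips):
    """Return management services reachable on the external addresses."""
    findings = []
    for ip, port, proto, state in parse_grepable(text):
        label = MGMT_PORTS.get((port, proto))
        if ip not in external_ips or label is None:
            continue
        # "open|filtered" (typical for UDP) is unconfirmed, so report it for review.
        if state in ("open", "open|filtered"):
            findings.append((ip, port, proto, label, state))
    return findings

if __name__ == "__main__":
    for ip, port, proto, label, state in external_exposure(SAMPLE_SCAN, {"203.0.113.10"}):
        print(f"{ip}: {label} on {port}/{proto} is {state} on an external address")
```

Run it after every rulebase change and before the audit, so any management service that has become reachable from outside is found by you first.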
Current thread:
- (preparing for)Pentesting firewall /Checkpoint box pent 5971 (Aug 18)
- Re: (preparing for)Pentesting firewall /Checkpoint box Francois Yang (Aug 18)
- Re: (preparing for)Pentesting firewall /Checkpoint box ml10024 (Aug 18)
- Re: (preparing for)Pentesting firewall /Checkpoint box Wim Remes (Aug 19)
- Re: (preparing for)Pentesting firewall /Checkpoint box Todd Haverkos (Aug 18)
- Re: (preparing for)Pentesting firewall /Checkpoint box David Howe (Aug 19)
- RE: (preparing for)Pentesting firewall /Checkpoint box Gorgon Beast (Aug 19)
- Re: (preparing for)Pentesting firewall /Checkpoint box JiPi DiNi (Aug 19)
- Re: (preparing for)Pentesting firewall /Checkpoint box Matt Gardenghi (Aug 19)