
Thread: Firewall penetration testing

  1. #11
    Junior Member roybatty's Avatar
    Join Date
    Jan 2010
    Location
    Tannhauser Gate
    Posts
    55

    Default Re: Firewall penetration testing

    Well, actually I'm the teacher.

    And this is my firewall script:

    Code:
        #!/bin/sh
        iptables -F
        iptables -X
        iptables -Z
        iptables -t nat -F
        iptables -P INPUT ACCEPT
        iptables -P OUTPUT ACCEPT
        iptables -P FORWARD ACCEPT
        iptables -t nat -P PREROUTING ACCEPT
        iptables -t nat -P POSTROUTING ACCEPT
    An easy A+

    So, be polite you guys ... (Otherwise we'll see the reloaded version of 'Why seniors here are so rude?')
    I've seen things you people wouldn't believe.

  2. #12
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    1

    Lightbulb Re: Firewall penetration testing

    1) hping and nmap are your friends. But before using them, you need to acquire introductory TCP/IP knowledge. Fragmented packets, source address spoofing, DNS queries, decoy hosts, crafted SYN+ACK packets, etc. You can implement these testing parameters via both nmap and hping.
    You can use nmap's --reason parameter to see why your packet was dropped or rejected. tcpdump is also good for this, but if you want to interpret the results then you really need to understand the basics.
    2) I recommend reading Ftester's documentation from here.
    3) This may also be useful to you if you want to enumerate IP hops.
    4) If you want to check your Cisco firewall's rules automagically then flint is your cure, my friend.

  3. #13
    Just burned his ISO
    Join Date
    Jan 2010
    Location
    finally home :) working in town
    Posts
    11

    Default Re: Firewall penetration testing

    Maybe the "lesson" that needs to be learned is READING=LEARNING and SEARCHING=GREAT READING. Everything I have learned about Linux and Backtrack came from wikis, tuts, READMEs etc. (there is a good DEF CON Fyodor seminar out there for example on this very subject).

  4. #14
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    8

    Default Re: Firewall penetration testing

    @ tlingitsoldier
    Is it possible that the teacher has taught best security practices, and just at the off chance on a test network, when all the grading has been done you can try to access gear behind the firewall...

    Try mapping the network (Nmap) to get a picture
    Try and see what passes through the firewalls (hping, nemesis)
    Try to exploit OS, software to disable firewall or forward

  5. #15
    Junior Member WolverineOD's Avatar
    Join Date
    Apr 2010
    Location
    Infront of Screen
    Posts
    28

    Default Re: Firewall penetration testing

    No need to be terribly cynical. I can see why everybody sighs and proceeds to hate on whoever posts these Oh So Imaginative stories. But there is a limit to how far you can take this before the mods start looking very unapproachable, in which case valid users will be 'frightened' off instead of asking perfectly acceptable questions. This is supposed to be a learning environment. But at the moment people are just being shut down before they are given a chance. His teacher is probably doing exactly the same thing as we do here. Trying to get their students to think for themselves, and then when they hit a road block, come ask some questions. We should at least point people in the right direction and the information itself will sort the Script Kiddies out from the men, we're not all seasoned Pentesting Experts. I'd like to add that he has been pointed in the right direction, but this forum could still do to be a bit more friendly. Otherwise people won't be sticking around for long.

    Usually, as long as you notify the ISP before starting the test, and the times in which it will be happening, they will be OK with it. Another idea might be to get your teacher to write an email on the matter to clarify that you are authorized to test the network. Good luck if you're for real. It's not easy starting out, do the proper research (Google is your friend) and things will start to become clear.

  6. #16
    Moderator fancy's Avatar
    Join Date
    Jan 2010
    Posts
    204

    Default Re: Firewall penetration testing

    Quote Originally Posted by roybatty View Post
    So, be polite you guys ... (Otherwise we'll see the reloaded version of 'Why seniors here are so rude?')
    Well, seniors are not rude by nature, they just may react harshly if someone wants to fool them, or they should do the homework for some lazy students. Do you have an idea how many homework requests or SE attempts are not making it past the moderator queue??? Moreover we are not here to teach somebody.
    And honestly, if you really are a teacher then you should instruct your students to research things on their own - and what the OP asked for is everywhere available on the internet. A simple google research will reveal a myriad of valuable information.
    Last edited by fancy; 04-28-2010 at 07:14 AM.

  7. #17
    Very good friend of the forum hhmatt's Avatar
    Join Date
    Jan 2010
    Posts
    660

    Default Re: Firewall penetration testing

    I've always found the "seniors" to be very helpful and knowledgeable as long as you follow the rules and don't try and b.s. them. I find it funny that people try to tell a story with their questions. It's completely unnecessary and irrelevant.

    @OP
    Backtrack is the perfect tool for what you're describing but only in the hands of an experienced tester. Penetration testing is not learned overnight or even in a few weeks. On top of that some things just can't be taught, for example: creativity, resourcefulness, ingenuity.
    If you're interested in learning you need to start with the basics like everyone else. If you just want someone to do everything for you then you've come to the wrong place.

  8. #18
    Junior Member roybatty's Avatar
    Join Date
    Jan 2010
    Location
    Tannhauser Gate
    Posts
    55

    Default Re: Firewall penetration testing

    Quote Originally Posted by fancy View Post
    Well, seniors are not rude by nature, they just may react harshly if someone wants to fool them, or they should do the homework for some lazy students.
    I know that fancy, I was just kidding. However, we'll see that happening again, sooner than later.

    Do you have an idea how many homework requests or SE attempts are not making it past the moderator queue??? Moreover we are not here to teach somebody.
    Yep. I've been here for ages (old forum).

    And honestly, if you really are a teacher then you should instruct your students to research things on their own - and what the OP asked for is everywhere available on the internet. A simple google research will reveal a myriad of valuable information.
    No, I'm not. And yes, you're right.
    I've seen things you people wouldn't believe.

  9. #19
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default Re: Firewall penetration testing

    Quote Originally Posted by roybatty View Post
    Well, actually I'm the teacher.

    And this is my firewall script:

    Code:
        #!/bin/sh
        iptables -F
        iptables -X
        iptables -Z
        iptables -t nat -F
        iptables -P INPUT ACCEPT
        iptables -P OUTPUT ACCEPT
        iptables -P FORWARD ACCEPT
        iptables -t nat -P PREROUTING ACCEPT
        iptables -t nat -P POSTROUTING ACCEPT
    An easy A+

    So, be polite you guys ... (Otherwise we'll see the reloaded version of 'Why seniors here are so rude?')
    Wow that's a boat load of failsauce.... It would almost be more effective to just "killall iptables" then you wouldn't be wasting RAM or CPU time doing nothing.

    And honestly, if you really are a teacher then you should instruct your students to research things on their own - and what the OP asked for is everywhere available on the internet. A simple google research will reveal a myriad of valuable information.
    No, I'm not. And yes, you're right.
    Big surprise...
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  10. #20
    Junior Member skidmarq's Avatar
    Join Date
    Jan 2010
    Posts
    88

    Default Re: Firewall penetration testing

    Hping is a great tool but I wouldn't recommend it here since you already have the advantage of knowing the hardware (PIX515). Cisco PIX firewalls use a state table and hping won't buy you much in this instance since the PIX will only listen for stateful connections. Now, if this were a router using an old version of ACLs (the ones that used to say "permit x.x.x.x y.y.y.y 'established'") then you could normally circumvent the security using a custom crafted TCP packet with the ACK flag set.

    You really won't be attacking the firewalls here, per se, you will want to focus more on services allowed through the firewalls. That is likely going to be your weak link...once you've compromised a host in the DMZ then you can use that as a launch pad internally using the same logic as above.
    Last edited by skidmarq; 04-28-2010 at 01:09 PM. Reason: Half Post
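
The difference described in post #20, as an added example that is not part of the original thread: a Python model of a header-only 'established' match beside a state-table lookup, showing why a defender should prefer the stateful check. The class and function names and the sample addresses are constructed for illustration, and the state table is simplified (no sequence-number or timeout tracking).

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset  # TCP flags, e.g. frozenset({"SYN", "ACK"})

def stateless_established(pkt: Packet) -> bool:
    """Old-style ACL 'established' match: looks only at the header bits.
    Any segment with ACK or RST set is treated as part of an existing session."""
    return bool(pkt.flags & {"ACK", "RST"})

class StatefulFilter:
    """Simplified state table: inbound traffic must match a flow opened from inside.
    (Assumption: models the table lookup only, not sequence numbers or timeouts.)"""
    def __init__(self):
        self.table = set()

    def outbound(self, pkt: Packet) -> None:
        if pkt.flags == {"SYN"}:  # inside host opens a connection
            self.table.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))

    def inbound(self, pkt: Packet) -> bool:
        # Permit only the reverse direction of a recorded flow.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.table

def compare(packets):
    """Return {label: (stateless_verdict, stateful_verdict)} for inbound packets."""
    fw = StatefulFilter()
    fw.outbound(Packet("10.0.0.5", 40000, "203.0.113.10", 80, frozenset({"SYN"})))
    return {label: (stateless_established(p), fw.inbound(p)) for label, p in packets}

# Constructed sample traffic (documentation address ranges).
SAMPLES = [
    ("reply to inside client", Packet("203.0.113.10", 80, "10.0.0.5", 40000, frozenset({"SYN", "ACK"}))),
    ("unsolicited ACK", Packet("198.51.100.7", 80, "10.0.0.5", 22, frozenset({"ACK"}))),
    ("unsolicited SYN", Packet("198.51.100.7", 4444, "10.0.0.5", 22, frozenset({"SYN"}))),
]

if __name__ == "__main__":
    for label, verdicts in compare(SAMPLES).items():
        print(f"{label:24} stateless={verdicts[0]!s:5} stateful={verdicts[1]}")
```

Only the "unsolicited ACK" row differs between the two filters, which is the case to test for when auditing a ruleset that still relies on a flags-only match.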
