In some mail from Paul D. Robertson, sie said:
[...]
> On-site gives you physical access, and if I'm not auditing physical
> access, then I may require that you do the penetration testing remotely.
> I have to balance letting you on-site with my trust of you and your company.
> It is getting harder to tell the bad guys from the good guys, and I might not
> like the idea of finding out the hard way who's who.
What I like to arrange is to do testing on the firewall "unplugged" from
the internal network so that there is minimal risk of "bad things"
happening or getting through.
When testing FW-1 setups, I also like to have a box on the "other side"
which I control, so I can see what packets get through - not just what
gets back.
Darren