Firewalls: Re: Remote Firewall Penetration Testing

Firewalls
(September 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Remote Firewall Penetration Testing
From:	Jyri Kaljundi <jk @ stallion . ee>
Date:	Mon, 8 Sep 1997 12:20:08 +0300 (EET DST)
To:	Firewalls @ GreatCircle . COM
In-reply-to:	<199709061937 . MAA21617 @ honor . greatcircle . com>

Frank Willoughby <frankw @
 in .
 net> wrote:

> I will not put Fortified Networks nor the customer at risk in doing 
> remote testing until I can find a way to do it *securely* without 
> sacrificing quality or accuracy.  So far I haven't seen it.  I would
> like to hear more about your proposed solutions (or alternatives), 
> though.  

Have you thought of using encrypted VPN tunnels between your location and
the customer? That way it would be pretty much the same as being at
customers location, or not? With one VPN server at your site, you can put
the other one just in front of the firewall at customers site, at the DMZ
zone or even in the internal network of the customer (with 2 last cases
involving letting one TCP port through the clients firewall).

Another great way to use Data Fellows F-Secure VPN ;-)

Jyri Kaljundi
jk @
 stallion .
 ee
AS Stallion Ltd
http://www.stallion.ee/

Indexed By Date	Previous:	Re: adding payload examination to ipfilter/ipfw From: Jyri Kaljundi <jk @ stallion . ee>
Indexed By Date	Next:	Re: adding payload examination to ipfilter/ipfw From: ArkanoiD <ark @ paranoid . convey . ru>
Indexed By Thread	Previous:	Re: Remote Firewall Penetration Testing From: Frank Willoughby <frankw @ in . net>
Indexed By Thread	Next:	CLUSTERED FIREWALLS From: Arjo Mukherjee <mukherjee @ ebo . dec . com>