Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Firewall Wizards: Re: Netscreen firewalls

Re: Netscreen firewalls

From: Jon Sabo <jonathan.sabo_at_gmail.com>
Date: Fri, 15 Dec 2006 14:48:54 -0500

Mike,

I doubt you're going to find much of a downside. While working for one of
the larger MSSP's we deployed lots of the different firewalls for hundreds
of different companies. As a result Netscreens are my favorite firewall,
especially the ISG's. They're sick. Pix's are cool too but for any kind of
deep packet inspection (and not a proxy) you have to go to with Netscreens
or checkpoints... and Netscreens support doesn't suck and the configuration
is a text file. ISG's with IDP modules allow you to send certain traffic to
the IDP for analysis per rule! The only thing I think is kind of nuts is
that you can factory reset a Netscreen by logging in with the serial number
as the user name and password. This is an idp hack but... its still really
cool.... albeit old.

http://web.archive.org/web/20040528165427/hack3rs.org/~nahual/netscreen.html

Ez.

Jonathan Sabo

On 12/15/06, Mike LeBlanc <mlinfosec_at_comcast.net> wrote:
>
> All,
> I'm looking for guidance on vulnerabilities/downsides to the Netscreen
> firewalls. I am
> not looking to start a flamefest on Netscreen but simply am looking for
> the
> downside.
> We currently are a cisco pix shop and have monitoring and change
> management
> built
> around cisco. I have done a google on Netscreen vulnerabilities and
> issues
> but
> didn't find much current data. Any information is appreciated in advance,
> including
> links to current data. Additionally if you have personal expereince,
> positive or
> negative, with Netscreen I would like to hear it.. off list if so desired.
>
> Thanks in advance for any information you can provide,
>
> Mike LeBlanc, CISSP
> VP/Infosec officer for multinational bank
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards_at_listserv.icsalabs.com
> https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
>

_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Dec 15 2006

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos