Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: nmap mapping fw's
From: Bo Cato <jcato73 () comcast net>
Date: Thu, 9 Oct 2003 18:51:07 -0400

Firstly blackice defender (which I assume is what is on your laptops)
doesn't block icmp via any GUI setting you can make. Although if you
are slick you can edit the blackice config file by hand to accomplish
this. Secondly where exactly are you scanning from? Inside or outside?

The Pix by default has nice security 0 and 100 levels that protect
even the most ignorant admins. It's the admins with a "little" bit of
knowledge that the Pix can't even protect since insecure access lists
and conduit statements can rip huge holes into anything.

Checkpoint fw1 is all about defining your objects and rules correctly.

Without any information it's hard to answer your question but you may
want to ponder this.

You ever play catch as a kid? Ya know, you throw a ball and someone
catches it. Apply that on a network level and you'll have your
most basic assessment.

For something comprehensive try www.nessus.org, which... by the way...
uses nmap, runs hundreds of tests, and can even make nice picture pie
charts for the management cattle to graze on.

You may want to do yourself a favor and read a white paper or two on
pen testing since your employer is apparently depending on you for
their security or lack of it.

Hello jaye,

Thursday, October 09, 2003, 2:38:04 PM, you wrote:

jhc> Hash: SHA1

jhc> How do people map firewalls (blackice, checkpoint fw1 and pix) with nmap,
jhc>  if at all?  We've been tasked with using nmap for Asset management,
jhc> which is cool, but all of our laptops have blackice on them now.  I already
jhc> do these scans with the P0 option, but I was looking for more ideas on
jhc> this.

jhc> thank you

jhc> Jaye Gettes
jhc> -----BEGIN PGP SIGNATURE-----
jhc> Note: This signature can be verified at https://www.hushtools.com/verify
jhc> Version: Hush 2.3

jhc> wkYEARECAAYFAj+FqdAACgkQhQwe0z0ejgfuOACguNdGGsAn0syk0EMrUCj1DgLQQf0A
jhc> n3HFTDlt3JigS8WEZhhHanuy9WkX
jhc> =RLpl
jhc> -----END PGP SIGNATURE-----

jhc> ---------------------------------------------------------------------
jhc> For help using this (nmap-dev) mailing list, send a blank email to 
jhc> nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).

Best regards,
 Bo                            mailto:jcato73 () comcast net

For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]