|
Penetration Testing
mailing list archives
Re: win2000
From: H D Moore <hdm () secureaustin com>
Date: Thu, 5 Jul 2001 14:14:05 -0500
What about using your 2000 box as a NAT router for the VPN network? I think
2000 has this capability built in, otherwise you can pick up a WinRoute type
aplication and try that. If you get really desperate, install a SOCKS proxy
server, then grab the socks unix package from www.socks.nec.com, and finally
do a runsocks nessusd on your linux machine after setting the appropriate
variables. You then need to force nessus to only use tcp connect() calls (as
well the portscanner plugins, use nmap with -sT). That might allow you to
perform about half of the nessus checks. Another option could be running
VMWare on the 2000 machine and creating a Linux/BSD Virtual Machine. I have
no idea how the network/routing works under Windows VMWare, but under Linux
you can transparently NAT the VM's. Good luck, I am interested in hearing if
any of the above methods work.
-HD
On Wednesday 04 July 2001 01:43 am, walter valenti wrote:
Hi,
I'm doing a pen test on a network via VPN with CheckPoint SecureClient.
I can't use a Linux box, why the customer not provides us the client for
linux but only for win98,NT,2000.
I use 2000, why using NT the nmap(nt) don't work on a VPN.
=> I'v got two problem: find a good and efficient tool for 2000 like
NESSUS;
built the raw socket on 2000 (the Net::RawIP of Perl is only for *nix),
there is some library in C?
--------------------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service
For more information on SecurityFocus' SIA service which automatically alerts you to
the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
 By Date 
By Thread
Current thread:
- win2000 walter valenti (Jul 05)
- <Possible follow-ups>
- RE: win2000 Dawes, Rogan (ZA - Johannesburg) (Jul 06)
|
Intro
