At 11:41 AM 5/14/2001 -0400, Ansar Mohammed wrote:
>Yes there is a way.
>
>A while ago blackhat released an exploit for checkpoint fw-1.
>
>A side effect of the exploit, regardless of wether it works or not is
>that it displays all ip interfaces of the firewall. However, the
>firewall rules must allow you to access the management ports.
>
>
>The exploit runs on Linux or OpenBSD. You can find it at
>www.blackhat.com
BlackHat.com is for the BlackHat Briefings put on by DT, I mean Jeff Moss.
anyway the talk can be found here (powerPoint, SureStream audio and Video)
http://www.blackhat.com/html/bh-usa-00/bh-usa-00-speakers.html#John McDonald
(sorry for the bad URL, they have a space in it)
But BlackHat did not release an exploit.
Details by the team that presented it can be found at
http://www.dataprotect.com/bh2000/
along with powerpoint slides and the source for their exploit.
> > -----Original Message-----
> > From: Penetration Testers [mailto:PEN-TEST_at_SECURITYFOCUS.COM]
> > On Behalf Of priya subramanian
> > Sent: Monday, May 07, 2001 5:11 AM
> > To: PEN-TEST_at_SECURITYFOCUS.COM
> > Subject: [PEN-TEST] Detecting the presence of a firewall
> >
> >
> > Pl clarify the following
> >
> > 1. Are there any means of detecting the presence of a
> > checkpoint firewall at a company's premises, from a remote location.
> >
> > 2.Knowing one interface of the firewall machine, is it
> > possible for me to find the ip addresses of the other interfaces.
> >
> > Kindly reply at the earliest.
> >
> > Priya
> >
> >
> >
> >
> >
> >
> > ____________________________________________________________
> > Do You Yahoo!?
> > For regular News updates go to http://in.news.yahoo.com
> >
--
MadHat at unspecific.com
Received on May 15 2001
Intro
