Home page logo

pen-test logo Penetration Testing mailing list archives

RE: Pentesting Old unsupported Firewall Appliances
From: "Michael Scheidell" <scheidell () secnap net>
Date: Tue, 12 Jun 2007 18:42:50 -0400

-----Original Message-----
From: listbounce () securityfocus com 
[mailto:listbounce () securityfocus com] On Behalf Of Harold Castro
Sent: Monday, June 11, 2007 4:56 AM
To: pen-test () securityfocus com
Subject: Pentesting Old unsupported Firewall Appliances


I'm new in pen testing.
Recently, I came across this firewall appliance
running Apache/1.3.26 
(Unix) mod_dtcl mod_ssl/2.8.10 OpenSSL/0.9.7 during an
external pentest.

'came across'?

If this client has paid you to pen test this device, just look up the
hacks, download the scripts, exploit the hole, leave a file, gif or
create a subdirectory on the device to show user it is vulnerable.

Let user replace or update it, depending on budget and/or support level.
Michael Scheidell, CTO
SECNAP Network Security Corporation
This email has been scanned and certified safe by SpammerTrap(tm).
For Information please see http://www.spammertrap.com

This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]