Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Pen Testing Tippingpoint
From: John Lampe <jwlampe () tenablesecurity com>
Date: Tue, 12 Jun 2007 11:06:27 -0500

TStark wrote:

Hello,

I am planning on pen testing a Tippingpoint appliance, I think it's a
200e, I'm looking for some suggestions on what to use to pen test this
thing.
I haven't found a Nessus plug in to help test this appliance, I'd bet
there is one out there somewhere.

Any information to help me test/penetrate Tippingpoint would be very
helpful, I'd like to make sure we test this thing well before we shell
out that kind of dough.


I think you'll want to look at traffic processed at the device, but not
destined for the device.  Look at stuff like:
stream reassembly
fragmentation
encoding/decoding
compression

Look at the protocols that it supports and then think about ways it
would be really, really easy to mishandle those protocols.  Nessus is a
great tool, but I think you would be better off using Nessus with
dangerous checks and scanning a machine that is *protected* by the
Tippingpoint device.  I'd recommend the same with a protocol fuzzer.

just my .02.  have fun.

-- 
John Lampe
Senior Security Researcher
TENABLE Network Security, Inc.
jwlampe () {nessus org,tenablesecurity.com}
Tele: (410) 872-0555
www.tenablesecurity.com

Is your network TENABLE?
---------------------------------------

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]