Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Testing Pix, launching hack

Status
Not open for further replies.

hollandCAT

Technical User
May 26, 2005
11
NL
Hello all,

after configured pix, next my task is to test pix, so i need to launch ip snoofing, or SYN attack. who has this kind of experience? help me,please!

Joanna
 
You basically just need to run some tools against it from the outside. There are tons of hack tools like these around. I.e. Ping of Death etc...

Just look up the different types of attacks one might use and against a firewall and undoubtedly they will mention the different tools that are available for these sorts of things.

Next, setup a connection outside of the firewall in a location similar to a user that would be trying this from some place on the net and have it.

You should also be running some type of syslog to monitor this stuff. Otherwise you won't be able to prove out what is going on.
 
Really what you wan't to test is not the pix, it won't show any open ports unless you have static nat's to some server or enabled ssh/telnet on the outside from the adress you are attacking from, most hacks will be directed against hosts not firewalls. What you really wanna do is run some exploit scanners against say your mail server/web server/dns server whatever you might have exposed through the pix to the public. something like nessus would be able to tell you quite a bit. Also you should narrow down the services allowed from inside to the public to limit the possibility of virus/worm/trojan infections


Network Systems Engineer
CCNA/CQS/CCSP/Infosec
 
ahh yes ...dopehead you hit the nail right on the head!!!
 
Hello guys,

Yes, you both ideas are right!![gorgeous]

i had set up some filters command on pix,like filter java applet, and used "Shunning" command, and configured commands for agaisting SYN Floodguard,etc. but that is not real enough for a network, isn't it? [ponder]



joanna
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top