I wouldn't recommend scanning thru the fw; it'll give you a false sense of
security, since most of the attacks are stopped by SmartDefense.
I have the same problem, and what I did was to install a Nessus probe on each
network separated by the firewall, and then launch the attacks locally, using
NessusWX (back when it was supported, any news about this?) I could manage all
my probes and scans from a central point, in order to avoid the blocking on the
firewall, and the corresponding amount of alerts.
You can do the same in a machine with Linux installed, just use the Nessus
client to connect to the different probes.
I even tried a rule with "any" on ports/services; it didn't work, it would
still be stopped by SmartDefense, which is kind of nice (no way of allowing an
attack thru due to human error).
Cheers,
Raúl
-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:FW-1-MAILINGLIST AT
AMADEUS.US.CHECKPOINT DOT COM] On behalf of Nick Brandson
Sent: Monday, January 23, 2006 11:02 p.m.
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] Scanning host thru Check Point
Dear guru,
I need to pass the IT audit requirements (e.g. SOX),
scanning our public server (web, ftp..) thru our CP
firewall.
1. What tools should we use? (Nessus, Internet
Scanner)
2. Would the penetration test/VA scanning be
successful thru fw?
3. Are there any add'l ports that need to be opened?
Please help,
Thanks,
Nick
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================