I Think it´s a good idea to make internal scan to see the hosts
vulnerability and a external scan with a low frequency, to have the results
of a external hacker.
Flávio Mina
-----Mensagem original-----
De: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM]Em nome de Millan,
Raul
Enviada em: terça-feira, 24 de janeiro de 2006 13:54
Para: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Assunto: Re: [FW-1] Scanning host thru Check Point
I wouldn't recommend scanning thru the fw; it'll give you a false sense of
security, since most of the attacks are stopped by smartdefense.
I have the same problem, and what I did is to install a nessus probe on each
network separated by the firewall, and then launch the attacks locally,
using NessusWX (back when it was supported, any news about this) I could
managed all my probes and scans from a central point, in order to avoid the
blocking on the firewall, and the corresponding amount of alerts.
You can do the same in a machine with Linux installed, just use the Nessus
client to connect to the different probes.
I even tried a rule with "any" on ports/services, it didn't work, it would
still be stopped by Smartdefense, which is kind of nice (no way of allowing
an attack thru due to human error).
Cheers,
Raúl
-----Mensaje original-----
De: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] En nombre de Nick
Brandson
Enviado el: Lunes, 23 de Enero de 2006 11:02 p.m.
Para: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Asunto: [FW-1] Scanning host thru Check Point
Dear guru,
I need to pass the IT audit requirements(e.g.SOX),
scanning our public server (web,ftp..) thru our CP
firewall.
1. What tools we should use? (Nessus, Internet
Scanner)
2. Would the penestration test/VA scanning be
successful thru fw?
2. Is there any add'l ports need to be opened?
Please help,
Thanks,
Nick
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
