pen-test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Pentesting Old unsupported Firewall Appliances

from [Michael Scheidell] [Permanent Link][Original]
To: "Harold Castro" <b0ydaem0n@yahoo.com>, <pen-test@securityfocus.com>
Subject: RE: Pentesting Old unsupported Firewall Appliances
From: "Michael Scheidell" <scheidell@secnap.net>
Date: Tue, 12 Jun 2007 18:42:50 -0400
Delivered-to: sp-com-lists@consult.net
Delivered-to: pentest-list2@consult.net
Delivered-to: mailing list pen-test@securityfocus.com
Delivered-to: moderator for pen-test@securityfocus.com
List-help: <mailto:pen-test-help@securityfocus.com>
List-id: <pen-test.list-id.securityfocus.com>
List-post: <mailto:pen-test@securityfocus.com>
List-subscribe: <mailto:pen-test-subscribe@securityfocus.com>
List-unsubscribe: <mailto:pen-test-unsubscribe@securityfocus.com>
Mailing-list: contact pen-test-help@securityfocus.com; run by ezmlm
Resent-date: Fri, 15 Jun 2007 10:43:56 -0600 (MDT)
Resent-from: pen-test-return-1078484368@securityfocus.com
Resent-message-id: <20070615164356.9143C1442E8@outgoing2.securityfocus.com>
Resent-sender: listbounce@securityfocus.com
Sender: listbounce@securityfocus.com
Thread-index: Acesoq5WITFH1nVuSlq/9n5DfdkmHgAoBHHQ
Thread-topic: Pentesting Old unsupported Firewall Appliances 

> -----Original Message-----
> From: listbounce@securityfocus.com 
> [mailto:listbounce@securityfocus.com] On Behalf Of Harold Castro
> Sent: Monday, June 11, 2007 4:56 AM
> To: pen-test@securityfocus.com
> Subject: Pentesting Old unsupported Firewall Appliances
> 
> 
> Hi,
> 
> I'm new in pen testing.
> Recently, I came across this firewall appliance
> running Apache/1.3.26 
> (Unix) mod_dtcl mod_ssl/2.8.10 OpenSSL/0.9.7 during an
> external pentest.
> 
'came across'?

If this client has paid you to pen test this device, just look up the
hacks, download the scripts, exploit the hole, leave a file, gif or
create a subdirectory on the device to show user it is vulnerable.

Let user replace or update it, depending on budget and/or support level.
-- 
Michael Scheidell, CTO
SECNAP Network Security Corporation
_________________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(tm).
For Information please see http://www.spammertrap.com
_________________________________________________________________________

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Pen Testing Tippingpoint, WALI
Next by Date:  Re: Pentesting Old unsupported Firewall Appliances, vtlists
Previous by Thread:  Re: Pentesting Old unsupported Firewall Appliances, vtlists
Next by Thread:  Re: [Full-disclosure] SECNICHE : Dwelling Security is On the Run, dcdave
Indexes:  [Date] [Thread] [Top] [All Lists]