TOPIC: PEN Test

PEN Test 12 years 4 months ago #17945

ramasamy Topic Author Offline Frequent Member Posts: 67 Thank you received: 0	Hi, If I want do a PEN test for the network behind the Firewall and need to know the active host when the firewall is Hardened properly. Is it possiable to do. If so can you tell me the steps. Thanks in advance.

Re: PEN Test 12 years 4 months ago #17948

Smurf
Offline
Moderator
Posts: 1390
Karma: 1
Thank you received: 0

The first place to start is probably by doing a port scan on the firewall. This will let you know what ports the firewall is allowing through to the servers behind. Once you know this, you can then check this against your security policy to ensure that these ports are supposed to be allowed. This will help to see if the firewall is configured ok.

Once you have a list of ports that are open, you can then try to do a fingerprint to see if the OS can be identified through the firewall to the backend machine.

n map can do the port scan (various different types of scans) and also do the OS Detection.

This is probably where i would start with your testing.

Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.