-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 15,
> 2001 3:23 AM
>
> [...]
> Agreed. I was just focusing on the Firewall aspect. All of the
> methods you have mentioned here (I would add the insertion of
> Malware
> via e-mail
> - though probably not as part of a penetration test) are all
> directed to
> the external NAT address of the Firewall as discussed.
hmm... don't know about that. If you use proxies or FTP port methods,
yes your endpoint is the external address of the device, but your
target are the internal addresses. Just a definition issue, I guess.
Does a VPN connect to internal or external IP addresses? The tunnel
terminates on an external address, the packets though are directed at
an internal address.
So if you know the internal IP address, you would direct scanners
(i.e. nmap) against the internal address, using the FTP or proxy
external IP just as a 'hop'(hub?). Even though the scan hits the
external IP first and then gets redirected, the goal is to scan the
internal IP address.
Regards,
Frank
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
Comment: PGP or S/MIME encrypted email preferred.
iQA/AwUBOowDp5ytSsEygtEFEQLLzACbBbSu13i+T2j6/m2ibxoWr+Xy1y4AoNSE
sBiE7bdvtbc2e7EBeqZm4PqO
=W2IP
-----END PGP SIGNATURE-----
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
