additionally, audit the OS the firewall run on as well as the configuration of the firewall you are running, make sure the OS does not allow protocols the firewall does not handle and that the firewall has not been configured as a mere open router...one might wish to thest the firewall from the inside too, as they are often two way control devices, epending upoin the policies it/they are meant to support.
Thanks, Ron DuFresne On Fri, 1 Feb 2002, Alvin Oga wrote: > > hi ya jeff > > download and run all the rootkits against your network from > the outside... ( just like all the script kiddies will be > http://www.Linux-Sec.net/Hacking/ > > and than try methodically pierce your firewall > http://www.linuxdoc.org/HOWTO/mini/Firewall-Piercing/ > http://www.linuxdoc.org/HOWTO/mini/Term-Firewall/ > > c ya > alvin > http://www.Linux-Sec.net > > On Fri, 1 Feb 2002, Jeff Taylor - IT Audit wrote: > > > Anyone have some good process steps for auditing a firewall? > > Thanks, > > Jeff > > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
