Ricardo, I havent tested this with G2000, however from my experience PAM will not fire the bo2k event if you are shooting it in the blue sky, i.e. if there is no trojan listening at the backend. I believe this is because of the nature of PAM to prevent false pos and report real world events only. However certain scanners may trigger the event, which would proove my theory to be wrong. My guess is the behaviour is something in between. In fact it is more difficult to pentest a G2000 vs. other sensors cause you may have to prepare some real world hacks rather than pretending to be the bad guy!
Regards Karl Ricardo Vargas Lopez schrieb: > Hi Gurus: > > > > We are testing the proventia G2000 in-line protection mode but it doesn't > recognize the bo2k.exe that is an backdoor program to testing this attack. > > > > Do you have suggestions about what is the correct form to how to configure > the proventia G2000? > > > > Thanks in advance. > > > > > > RV > > > > > > _______________________________________________ > ISSForum mailing list > [email protected] > > TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to > https://atla-mm1.iss.net/mailman/listinfo/issforum > > To contact the ISSForum Moderator, send email to [EMAIL PROTECTED] > > The ISSForum mailing list is hosted and managed by Internet Security Systems, > 6303 Barfield Road, Atlanta, Georgia, USA 30328. > -- Karl-Heinz Jaeger Manager Customer Services ______________________________________________________________ Schützen Sie Ihr Netz von Innen. - Sensibilisieren Sie Ihre Mitarbeiter für IT-Sicherheit. Erfahren Sie alles über unser kostenloses Security Awareness Training unter: http://www.open-beware.de Besuchen Sie unseren IDP-Workshop am 16.November 2005 in Frankfurt. Informieren Sie sich hier: http://www.bdg.de/ Treffen Sie am 19. jeden Monats IT-Sicherheits-Experten beim BDG-Security-Point! Alle Informationen finden Sie hier: http://www.bdg.de/security-point ______________________________________________________________ * BDG GmbH & Co. KG - Make IT safe. * Stolbergerstr. 307 D-50933 Koeln Tel: +49 (0)6126-94433-0 Fax: +49 (0)6126-94433-31 E-Mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> Web: www.bdg.de <http://www.bdg.de> ______________________________________________________________ _______________________________________________ ISSForum mailing list [email protected] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo/issforum To contact the ISSForum Moderator, send email to [EMAIL PROTECTED] The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.
