[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pen-test
Subject:    RE: Fingerprinting PIX with nmap
From:       "Paul Melson" <pmelson () gmail ! com>
Date:       2008-04-30 17:20:58
Message-ID: 004b01c8aae6$8f32f2e0$4d00300a () ad ! priorityhealth ! com
[Download RAW message or body]

> I got the following result while using nmap, the scan of port 25 gives the
firewall brand, what should be the 
> recommendation to disable that PIX fingerprinting?

Why would you recommend that they do anything about the fact that a port
scanner can identify the version of firewall that they're running?  I mean,
aside from the obvious answer that you have no higher severity findings to
report.


> I guess disabling the mail guard "fixup smtp" on the pix is not a good
idea.

Not for the sole purpose of avoiding detection by NMap.  Know why?  Because
the next time you run that scan, NMap will identify the mail server sitting
behind it instead of the PIX proxy.  And as recon goes, identifying
OS/app/version of an internal server is more valuable than identifying the
brand (but not specific version) of the border firewall.

PaulM



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

[prev in list] [next in list] [prev in thread] [next in thread]