ASL Vulnerability Testing

What software/methods can I use to fully test the ASL for any vulnerabilities to put the "secured" stamp?

Also, I used the ISS Internet Scanner and the only thing that came back was "traceroute: Traceroute can be used to map network topologies" message.

I am not letting any ICMP packets to come through, so how else it has detected that it's able to perform traceroute through the firewall.
I am also not letting any UDP 33434-33534 ports through. I do host the mail, ftp and webserver.

Any ideas?

0 mogul over 23 years ago

Yashax

Try running Nmap on your asl box from the inside and outside. Pentest your box..

Look at http://www.sans.org/infosecFAQ/penetration/rules.htm

Dan
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 yashax over 23 years ago in reply to mogul

Can anyone please recommend any other software / methods?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 SveN_01 over 23 years ago in reply to yashax

Hi yashax,

try: www.nessus.org
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 mogul over 23 years ago in reply to SveN_01

As a point to note, Nessus trys to break the box you run it on..

Dan.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel