Ronneil Camara wrote:
>
> Hi everyone. We'll be starting the pre-staging of our project next week. I
> was tasked to test the effectiveness of the IBM Firewall for AIX. So what
> tools can you suggest to test against this IBM firewall?
I'll be blunt here. If you need to ask that question, you aren't the
right guy to test the effectiveness of the firewall. Sure, you can
use nmap to test what would happen if someone does a more-or-less plain
connect() through the firewall. But unfortunately, there is a great
deal more to testing if a firewall is "good enough". If you already
have all the knowledge and tools available, you could spend several
months testing, testing, testing, doing combinations and re-testing
before you can claim to have tested the effectiveness of the firewall.
(Unless it breaks down on the first day, of course). How long did you
plan on doing your testing?
I mean no offense here.
What you _can_ do, of course, is see if the firewall has the
required features, is manageable, etc, so, by all means, go ahead
with your testing. Just don't expect it to be safe because you
couldn't find any holes in it :)
> Btw, on wednesday, I will submit to the IBM engr. the ports that needs to be
> opened. I need MsSQL to be opened and I found out in services file that
> run's on 1433/tcp. So I asked one of my colleage to do a connection to the
> MsSQL server using ODBC, I run ethereal for linux to capture that packets, I
> found out that it was talking to MsSQL through \PIPE and SMB something. I
> was expecting the port 1433 to appear on the capture packet but it didn't.
> Any ideas?
Yeah, you need to change your SQL client settings to use dbmssocn.dll as
library (for 1433/TCP) instead of the default dbnmpntw.dll, which uses
named pipes.
Regards,
Mikael Olsson
--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 �RNSK�LDSVIK
Phone: +46 (0)660 29 92 00 Direct: +46 (0)660 29 92 05
Mobile: +46 (0)70 66 77 636 Fax: +46 (0)660 122 50
WWW: http://www.enternet.se/ E-mail: [EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
