@@PurpleSec I would rather suggest you read Stallings. In the meantime: first gen filtered only by comparing L3 and L4 header with ACLs for each packet. Then statefull connection tracking was added. Then the ability to look at content above L4, scan for malware in payload, filter based on URL, scan encrypted traffic - this is what is mostly called next-gen. Add some AI, behavior analysis, attack profiles.. you've got IDS/IPS.
How about you actually show what's like to pen test a firewall externally and internally - use the tools in real time and view the results and then take the next steps until completion?
Technically I don’t have to do anything. Also, I don’t delete comments unless it’s spam. So either you have the wrong PurpleSec or you spam 🤷♂️ - Jason
Did we miss any steps in the firewall penetration testing process? Are there new tools or tactics you've had success with? Let us know!
No, but you are confused about firewall generations.
@@code123ns Well that's no good. Would you mind pointing out the area of confusion so we can take a look and get it updated?
Thanks!
- Jason
@@PurpleSec I would rather suggest you read Stallings. In the meantime: first gen filtered only by comparing L3 and L4 header with ACLs for each packet. Then statefull connection tracking was added. Then the ability to look at content above L4, scan for malware in payload, filter based on URL, scan encrypted traffic - this is what is mostly called next-gen. Add some AI, behavior analysis, attack profiles.. you've got IDS/IPS.
@@code123ns Appreciate the input! We'll take a look into this on our end and update accordingly. Thank you!
How about you actually show what's like to pen test a firewall externally and internally - use the tools in real time and view the results and then take the next steps until completion?
This is very informative and quality content. As a young aspiring cyber security specialist and ethical hacker, this was very useful to me. Thank you!
Happy to hear this was valuable for you, Tomass!
- Jason
Very helpful, concise and precise. Thank you...!!! 🙏🙏🙏
Appreciate the kind words and feedback! Happy it was useful for you! Feel free to check out more -> purplesec.us/learn/
- Jason
Thanks for your explanation on Firewall Pen Test. It’s really good to understand 👍
Happy to hear this helped!
- Jason
Bro, you deserve more attention!! pls keep it up
Really appreciate the feedback! Seriously, this is what keeps us going. Let us know if you have any topics you'd like covered in the future!
- Jason
thank you very much
First time to see content like this keep up bro
Appreciate the feedback! Thrilled to hear you enjoy the content. Let us know if there are any topics you'd like us to cover in the future.
- Jason
@@PurpleSec I would be great if you could make something related cloud pentesting.
@@Thunder-dp7du excellent suggestion! We will add this to our queue.
- Jason
Brilliant. Thank you so much
You’re very welcome. Glad this brought you value!
- Jason
Quality content
so how can we do firewall review and which standard we should follow while reviewing
great content..quite informative
Happy to hear this was of value!
- Jason
from nmap manual, it seems nmap -sA results are filtered and unfiltered only, it never determines open or open|filtered.
Awesome
Glad you found value!
- Jason
Thanks for the knowledge. Can you let me know how to test a web application firewall?
Thanks in advance
Glad this was helpful! My answer is… carefully.
- Jason
What is ip and id in hping ?
very calitate but usefull when you whant to se kid istoric on ingognito big likee
thanks you
Bro voice is lil low!
You’re not the first to say this so I know it’s not a tech issue. Hopefully the content was at least good 🤣
- Jason
Why you are deleting my comments? Do you think you are doing right? You have to accept All critics related to your video. It's 4 of 10.
Technically I don’t have to do anything. Also, I don’t delete comments unless it’s spam. So either you have the wrong PurpleSec or you spam 🤷♂️
- Jason