pen test VPN
From: cdowns (cdowns@skillsoft.com)Date: 02/25/02
- Previous message: Kevin Spett: "Re: SQL Injection"
- Next in thread: DABDELMO@bouyguestelecom.fr: "RE: pen test VPN"
- Reply: DABDELMO@bouyguestelecom.fr: "RE: pen test VPN"
- Reply: Aleksander P. Czarnowski: "RE: pen test VPN"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 25 Feb 2002 09:06:34 -0500 From: cdowns <cdowns@skillsoft.com> To: pen-test@securityfocus.com
I have several networks with VPN ( Intel Roadwarrior ) and ( Ipsec
FreeS/WAN ). What I have done is Place SNORT on all
gateways with a nice tight ruleset ( Added rules for known exploits that
don't exist in Rulebase ) and then actually attack
through ( Using a VPN Client or Other side ) as if A host was Hijacked,
Making sure IDS will grab all data that passes
through my VPN networks to my internal networks. We all know that VPN
does nothing more then encrypt Data. We need to
make sure that the data being transfered to our interal networks is
actually Good Data.
~!>D
--
---------------------------------
Network Security Administrator
Skillsoft Corporation
http://www.skillsoft.com
cdowns@skillsoft.com
"You can't point and click your
way to super cracker status"
---------------------------------
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
- Previous message: Kevin Spett: "Re: SQL Injection"
- Next in thread: DABDELMO@bouyguestelecom.fr: "RE: pen test VPN"
- Reply: DABDELMO@bouyguestelecom.fr: "RE: pen test VPN"
- Reply: Aleksander P. Czarnowski: "RE: pen test VPN"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
