RE: Small Network Pen Testing




-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx
[mailto:listbounce@xxxxxxxxxxxxxxxxx] On Behalf Of Rocky
Sent: Friday, November 03, 2006 9:27 AM
To: pen-test@xxxxxxxxxxxxxxxxx
Subject: Small Network Pen Testing


Hi List,

I have clients that have fewer than 30 computers and
3 servers running and a couple of Cisco devices/WAP.
I installed their Cisco devices, router/switches & WAP, but
they wanted me to pen test their network and I did,
using purely nmap.

Is there any simple and precise method for pen testing
a small network?

No :-)

Are you talking EXTERNAL penetration testing? (ie: hack the flag?) Are
you talking about vulnerability assessments? (list ALL possible
vulnerabilities, ie: PCI compliance type testing). Are you talking
about doing this INTERNALLY? (checking password policies, security
policies, firewall EGRESS rules?, IOS levels on the Cisco) (WAP: you
mean they have a WAP->http gateway? Or WPA? They have wireless
(802.11/b/g))

At LEAST, run some freebie tools against it, like nessus
(www.nessus.org)

If the client is under some type of government regulations (HIPAA, GLBA,
SOX, FISMA, FERPA) then get a qualified vendor to do an onsite IT
security compliance audit.
--
Michael Scheidell, CTO
561-999-5000, ext 1131
SECNAP Network Security Corporation
Keep up to date with latest information on IT security:
Real time security alerts: http://www.secnap.com/news
