Re: Help in passing a penetration test

From: Karl Levinson, mvp (levinson_k_at_despammed.com)
Date: 12/13/04


Date: Mon, 13 Dec 2004 08:34:14 -0500

Penetration tests are expensive wastes of money if you haven't already
reasonably and fully secured your network [and know how to do so on your
own].

Pen tests aren't pass or fail. No doubt something will be found, probably a
lot of stuff. The pen test report should tell you how you might better pass
the next one, if there is a next one. The trick to getting your money's
worth from a pen test IMHO is to know how to have your network fairly secure
first, so that the

There is a wide variety of network vulnerability assessment scanning
software out there, such as Nessus, which can be run on a free Knoppix-STD
boot CD, or get a free Windows version called NeWT from
www.tenablesecurity.com [a firm that includes the author of Nessus].
Running a scan might be helpful, although it might be too late to beat the
test, or too late to make network changes with adequate testing. Just be
careful when scanning to not accidentally bring down your systems, lock out
user accounts or swamp the network with traffic. Read the manual and scan a
few test systems first or run scans after hours.

If you're not using telnet, you should disable it on your switches. And you
shouldn't be using telnet if you can help it at all. Log into your switches
using whatever switch management procedures you use and follow the
instructions to disable it.

"Hope" <hopelandess@hotmail.com> wrote in message
news:30E16286-9F06-49D7-8C4B-550C51AFA889@microsoft.com...
> Hi,
> I would really appreciate some help, and recommendations on defeating a
> penetration test a security firm has planned for our network. The following
> has already been done.
> 1. Anonymous access restricted on servers except the primary Windows 2000
> DC
> 2. Null sessions blocked from WAN to LAN on firewall (port 139 and 445 and
> 135)
> 3. All Windows 2000 servers up-to-date with Service Packs and hotfixes
> 4. Baseline Security Analyzer run and implemented on all servers.
> 5. I plan to set NoLMHash registry value on DCs.
>
> Can anyone tell me how to block telnet access from a firewall, and from
> switches, and what are the possible negative ramifications of doing so?
> What security tips can be implemented on switches?
> And am I on the right track, and what is missing from my above list?
>
> Thanks very much
> Hope.
>
> PS all servers are windows 2000
>
>
>
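
Added example, not part of either post: a small Python check that the ports named in this thread (telnet 23, and 135/139/445 from item 2) are no longer reachable on your own hosts after the changes. The names probe, audit and the inventory layout are hypothetical, and the loopback address in the demo is a constructed placeholder.

```python
import socket

# Ports named in the thread: telnet, plus the RPC/NetBIOS/SMB ports from item 2.
CHECKLIST_PORTS = {23: "telnet", 135: "msrpc", 139: "netbios-ssn", 445: "microsoft-ds"}


def probe(host, port, timeout=2.0):
    """Full TCP connect. Returns 'open', 'closed' (connection refused)
    or 'filtered' (timeout or unreachable, e.g. dropped by a firewall)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"
    except OSError:  # includes socket.timeout
        return "filtered"
    finally:
        s.close()


def audit(inventory, ports=CHECKLIST_PORTS, timeout=2.0, probe_fn=probe):
    """inventory maps host -> set of ports that are *supposed* to be open
    from the vantage point the script runs on. Returns a list of
    (host, port, service) tuples for every checklist port that is open
    but not on that host's allow list."""
    findings = []
    for host, allowed in inventory.items():
        for port, service in sorted(ports.items()):
            if probe_fn(host, port, timeout) == "open" and port not in allowed:
                findings.append((host, port, service))
    return findings


if __name__ == "__main__":
    # Constructed inventory: replace with your own switches and servers.
    inventory = {"127.0.0.1": set()}
    for host, port, service in audit(inventory, timeout=1.0):
        print(f"{host}: {service} ({port}/tcp) is reachable but not expected")
```

Run it once from outside the firewall to confirm item 2 and once from the management network to confirm telnet is off on the switches; "closed" means the service is disabled, "filtered" means something in the path is dropping the traffic.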


