nanog mailing list archives
Re: Penetration Test Assistance
From: Andrew Latham <lathama () gmail com>
Date: Tue, 5 Jun 2012 11:32:20 -0400
On Tue, Jun 5, 2012 at 10:52 AM, Green, Timothy <Timothy.Green () mantech com> wrote:
Howdy all, I'm a Security Manager of a large network, we are conducting a Pentest next month and the testers are demanding a complete network diagram of the entire network. We don't have a "complete" network diagram that shows everything and everywhere we are. At most we have a bunch of network diagrams that show what we have in various areas throughout the country. I've been asking the network engineers for over a month and they seem to be too lazy to put it together or they have no idea where everything is. I've never been in this situation before. Should I be honest to the testers and tell them here is what we have, we aren't sure if it's accurate; find everything else? How would they access those areas that we haven't identified? How can I give them access to stuff that I didn't know existed? What do you all do with your large networks? One huge network diagram, a bunch of network diagrams separated by region, or both? Any pentest horror stories? Thanks, Tim
Any penetration test should only require your networks and masks. As far as a diagram it is of value to keep a staff member with the singular task of documentation and auditing or an optional contract basis. Small things like typographical errors can cause great confusion in emergency situations. Take the time and do it right. I personally prefer the flexibility and ease of use that Mediawiki offers but other free and pay solutions exist. -- ~ Andrew "lathama" Latham lathama () gmail com http://lathama.net ~
Current thread:
- Penetration Test Assistance Green, Timothy (Jun 05)
- Re: Penetration Test Assistance Andrew Latham (Jun 05)
- Re: Penetration Test Assistance Peter Kristolaitis (Jun 05)
- Re: Penetration Test Assistance Jason 'XenoPhage' Frisvold (Jun 05)
- Re: Penetration Test Assistance Brett Watson (Jun 05)
- Re: Penetration Test Assistance Bacon Zombie (Jun 05)
- Re: Penetration Test Assistance Peter Kristolaitis (Jun 05)
- Re: Penetration Test Assistance Peter Kristolaitis (Jun 05)
- Re: Penetration Test Assistance Andrew Latham (Jun 05)
- Re: Penetration Test Assistance Justin M. Streiner (Jun 05)
- Re: Penetration Test Assistance jim deleskie (Jun 05)
- Re: Penetration Test Assistance Joel jaeggli (Jun 05)
- Re: Penetration Test Assistance Quinn Kuzmich (Jun 05)
- RE: Penetration Test Assistance Baklarz, Ron (Jun 05)