Penetration Testing mailing list archives
pen test VPN
From: cdowns <cdowns () skillsoft com>
Date: Mon, 25 Feb 2002 09:06:34 -0500
I have several networks with VPN ( Intel Roadwarrior ) and ( Ipsec FreeS/WAN ). What I have done is Place SNORT on all gateways with a nice tight ruleset ( Added rules for known exploits that don't exist in Rulebase ) and then actually attack through ( Using a VPN Client or Other side ) as if A host was Hijacked, Making sure IDS will grab all data that passes through my VPN networks to my internal networks. We all know that VPN does nothing more then encrypt Data. We need to make sure that the data being transfered to our interal networks is actually Good Data. ~!>D -- --------------------------------- Network Security Administrator Skillsoft Corporation http://www.skillsoft.com cdowns () skillsoft com "You can't point and click your way to super cracker status" --------------------------------- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- pen test VPN Carl Bysen (Feb 25)
- Re: pen test VPN Jose Nazario (Feb 26)
- Re: pen test VPN Mark Rowe (Feb 27)
- <Possible follow-ups>
- pen test VPN cdowns (Feb 25)
- RE: pen test VPN DABDELMO (Feb 25)
- RE: pen test VPN Eric Hines (Feb 26)
- RE: pen test VPN Aleksander P. Czarnowski (Feb 26)