Penetration Testing mailing list archives
IPSO/Secure Platform audit
From: Dan Rogers <pentestguy () gmail com>
Date: Thu, 18 Aug 2005 13:00:50 +0100
Hi list, I'm currently reviewing a Check point/Nokia box and a Secure Platform manager. The settings in Voyager are all good, and likewise the Web GUI of the SPLAT manager is fine, they're both patched and the policy is also clean - but I want to ensure the o/s themselves are ok. I've checked that there aren't any users there shouldn't be in /etc/passwd, checked there aren't any unknown processes (at least any visible ones), any unusual open ports or any strange scripts scheduled to run in crontab. The firewall logs themselves aren't showing anything unusual. I am concerned that a previous administrator may have left himself access by the back-door somehow - but am not in a position to rebuild them to be sure. What else would you lot check for? Ta Dan ------------------------------------------------------------------------------ FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't Learn the hacker's secrets that compromise wireless LANs. Secure your WLAN by understanding these threats, available hacking tools and proven countermeasures. Defend your WLAN against man-in-the-Middle attacks and session hijacking, denial-of-service, rogue access points, identity thefts and MAC spoofing. Request your complimentary white paper at: http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801 -------------------------------------------------------------------------------
Current thread:
- IPSO/Secure Platform audit Dan Rogers (Aug 18)
- Re: IPSO/Secure Platform audit Volker Tanger (Aug 18)
- <Possible follow-ups>
- Re: IPSO/Secure Platform audit Olasupo Lawal (Aug 18)
- RE: IPSO/Secure Platform audit Erin Carroll (Aug 19)
- RE: IPSO/Secure Platform audit Matthew MacAulay (Aug 19)