Penetration Testing mailing list archives
Re: Finding multi-homed, internet connected, systems as potential point-of-entry.
From: H D Moore <sflist () digitaloffense net>
Date: Mon, 5 Dec 2005 23:26:17 -0600
I wrote a paper on rogue network detection and developed some tools to automate the process. You can find the paper and the toolkit online at:

 - http://metasploit.com/research/misc/rogue_network/

-HD

On Monday 05 December 2005 07:41, Bongers, Coen wrote:
> Hello,
>
> I'm asked to assess the existence of so-called multi-homed systems on the network of a customer, that are able to directly connect to the internet (and thus circumventing the proxy services), in order to reduce the risk of network compromise through this 'illegal' internet-access.
>
> Any tips and/or help on how to approach this would be appreciated.
>
> The following approach is my present idea;
> - Send a spoofed (spoof an internet address under our control) message (IP/ICMP/UDP, etc.) to the target(s) from the internal network.
> - Detect for the response of this message on the spoofed address at the internet.
> - Log some identifying information in the initial message, that will end up on the response so that the response can be correlated with the internal address of the system.
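
The correlation step in the quoted approach, as an added example that is not part of either post and is not code from the toolkit linked above: the probe payload carries the internal target address plus a keyed tag, and the internet-side collector maps each valid echoed payload back to that address even when NAT has rewritten the source. The payload layout, function names, key and capture data are assumptions made for illustration; sending and capturing packets is out of scope here.

```python
import hashlib
import hmac
import ipaddress

MAGIC = b"MHP1"  # constructed marker identifying this assessment's probes
TAG_LEN = 8      # bytes of truncated HMAC-SHA256 appended to each payload

def make_probe_payload(target_ip: str, key: bytes) -> bytes:
    """Build the payload for the probe addressed to one internal target."""
    body = MAGIC + ipaddress.IPv4Address(target_ip).packed
    tag = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    return body + tag

def parse_reply_payload(payload: bytes, key: bytes):
    """Return the internal IP carried in an echoed payload, or None."""
    if len(payload) != len(MAGIC) + 4 + TAG_LEN or not payload.startswith(MAGIC):
        return None
    body, tag = payload[:-TAG_LEN], payload[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    # The keyed tag keeps stray traffic at the collector out of the findings.
    if not hmac.compare_digest(tag, expected):
        return None
    return str(ipaddress.IPv4Address(body[len(MAGIC):]))

def correlate(replies, key: bytes) -> dict:
    """Map internal target -> source addresses seen at the collector.

    replies: iterable of (observed_source_ip, payload) pairs.
    """
    findings = {}
    for observed_src, payload in replies:
        internal = parse_reply_payload(payload, key)
        if internal is not None:
            findings.setdefault(internal, set()).add(observed_src)
    return findings

if __name__ == "__main__":
    KEY = b"per-assessment-secret"  # constructed value
    # Constructed collector capture: two valid replies, one unrelated
    # packet, and one payload tagged with a different key.
    capture = [
        ("203.0.113.7", make_probe_payload("10.1.4.23", KEY)),
        ("198.51.100.9", make_probe_payload("10.1.9.80", KEY)),
        ("192.0.2.55", b"abcdefghijklmnop"),
        ("192.0.2.66", make_probe_payload("10.1.4.23", b"wrong-key")),
    ]
    for internal, seen in sorted(correlate(capture, KEY).items()):
        print(internal, "->", sorted(seen))
```

Any internal address that shows up in the findings answered toward the internet without going through the proxy; the observed source is the egress address it used.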