Penetration Testing mailing list archives
RE: Need Check list for Testing HSIA...
From: "Paul Melson" <pmelson () gmail com>
Date: Tue, 8 Jan 2008 15:47:05 -0500
I'm looking to test the High Speed Internet Access(HSIA) for a hotel. I'd like to know the better way to approach it. For your information the Access Gateway that is being used is Nomadix!!!!! So can anyone provide me the check list to perform the necessary steps to
go further. In addition to looking at the gateway device for vulnerable services, you should also look at the web interface to see if there ways that you can bypass authentication, access administrator pages, etc. You should look at whether or not ARP spoofing/poisoning (and thus sniffing/hijacking) is possible from the public side of the gateway. You should look at whether hijacking of authenticated IP addresses is possible. Also, there is typically a "bypass list" on the gateway of hosts that can be accessed without authentication. This is usually defined by the vendor or reseller, and could be interesting. Good luck! PaulM ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Need Check list for Testing HSIA... whitehat (Jan 08)
- RE: Need Check list for Testing HSIA... peter.schaub (Jan 09)
- RE: Need Check list for Testing HSIA... Paul Melson (Jan 09)