Re: network policy checking

[Sony C <raagamuffin () yahoo com>]

Ron,

I don't think I indicated that it is a Pen-test. Nevertheless, thanksfor the feedback. If there is a more appropriate 
forum where I should be posing this question, please consider sending me its details.

Thanks.

Regards,
SC.


----- Original Message ----
From: R. DuFresne <dufresne () sysinfo com>
To: Sony C <raagamuffin () yahoo com>
Cc: Todd Haverkos <fsbo () haverkos com>; pen-test () securityfocus com; pen-test-return-1078486239 () securityfocus com
Sent: Friday, March 28, 2008 9:31:06 AM
Subject: Re: network policy checking

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Then do a configuration audit.  This, that you detail is not a pen-test 
but a configuration audit.

Thanks,

Ron DuFresne


On Thu, 27 Mar 2008, Sony C wrote:

> Todd,
>
> My primary area of interest is to see if the network I am assessing meets certain best practices, for eg: all the 
> CISCO routers have a certain QOS, or IPSec/GRE tunnels are supported, etc.
> Hope this clarifies things a bit?
>
> Regards,
> SC.
>
>
> ----- Original Message ----
> From: Todd Haverkos <fsbo () haverkos com>
> To: Sony C <raagamuffin () yahoo com>
> Cc: pen-test () securityfocus com
> Sent: Thursday, March 27, 2008 10:29:57 PM
> Subject: Re: network policy checking
>
> Sony C <raagamuffin () yahoo com> writes:
>
> > Hello fellow pen-testers,
> >
> > I am looking for tools that perform network policy checking. Specifically, tools that allow the user to define a 
> > policy and then test the network elements to see if they adhere to this policy. As one might guess, this can be 
> > accomplished either via config file checking (passive) or actual network testing (active, via SNMP etc).
> > I am interested in both flavors, if they are available. These tools can be commercial or open-source/free/shareware.
> > While it is a broad requirement, this hypothetical tool will primarily be looking at routers, firewalls, etc.
> >
> > Thank you in advance for sharing your thoughts.
>
> Hi Sony,
>
> Could you give some examples of specific routers and firewalls you're
> looking to check, and what an example "network policy" issues you're
> interested in?  It might help focus down some of the recommendations.
>
>
>
>
>
>
>
>      ____________________________________________________________________________________
> Be a better friend, newshound, and
> know-it-all with Yahoo! Mobile.  Try it now.  http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------

- -- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         admin & senior security consultant:  sysinfo.com
                         http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                 -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFH7PMcst+vzJSwZikRAq70AJ9ECXJ+wHvNGtDWoZWOQnDNaV5vDQCaAkAo
OlheUb8B0Bvud4VegSnZbVM=
=VX60
-----END PGP SIGNATURE-----





      ____________________________________________________________________________________
Be a better friend, newshound, and 
know-it-all with Yahoo! Mobile.  Try it now.  http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------