Firewall Wizards mailing list archives
Re: Internet Security Review
From: Bennett Todd <bet () rahul net>
Date: Mon, 13 Oct 1997 07:38:39 -0700
On Mon, Oct 13, 1997 at 02:15:55AM -0400, Mark Teicher wrote:
> What are people's thoughts on what an Internet Security Review is?? What tools or programs would one use while conducting one, and how would one go about conducting one?
I just had some auditors do the first really great internet security review I've ever seen. Actually, it was internet, intranet, the whole schmeer.

In broad outline, they started by hitting me with a series of ``scenarios''. For example, one of the scenarios was ``My site just got attacked by someone coming out of your site. I note that you are the technical contact listed in the whois database, so I call you and let you know. What do you do?''. I talked through how I'd respond to various situations. From that they got a quick sketch of our security stance and the people involved in implementing it.

Then they asked more detailed questions: what versions of what software are you running on this box and that box? What do you see if you hit your firewall with strobe(1)? What do the logs look like?

Finally, based on the details from the previous round of grilling, they brought in specific burglary tools --- scripts for burgling the sendwhale (``If you push it, it falls right over!''), portmapper exploits, YP hacks, etc. Most educational!

-Bennett