Audit unprotected Internet connections via WAN

[Dale Schartner <dschartner () usa net>]

Looking for recommended tools, procedures or advice.

In a larger corporate enviroment, with somewhat complex TCP/IP WAN, a primary
firewall (PIX) for the global WAN is maintained by the central support group.
The corporate policy is that "All Internet connections" must be through this
firewall.  However, there are several tempting ncentives/reasons, for a unit
IT/business manager to set-up a separate Internet connection, bypassing the
corporate Firewall/DMZ control environment (and possibly exposing the entire
internal network). 

In a current firewall audit, I want to identify the existance of other
such Internet connections. I'm more concerned about persistent connections
with, for example, a rogue IIS server than a PC/modem dialing into AOL.

Does anyone have any suggestions? ...especially interested if you've
accomplished this type of testing.

Dale Schartner, CISA
dschartner () usa net


....Dale              dschartner () usa net

____________________________________________________________________
Get free email and a permanent address at http://www.netaddress.com/?N=1
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards