Penetration Testing mailing list archives
[PEN-TEST] RIP & OSPF testing
From: Curt Wilson <netw3 () NETW3 COM>
Date: Sat, 25 Nov 2000 17:19:25 -0000
I'm wondering if anyone has any experience in RIP or OSPF attacks, spoofing or otherwise. If a client would like you to audit their network including routers and network infrastructure, some of the packet crafting tools like nemesis (nemesis-rip and nemesis-ospf) could be used for auditing, but I'm uncertain as to the exact syntax that would be necessary, especially when it comes to the OSPF packets and nemesis- ospf. If there are other tools for these types of tests I'd love to learn more about them, also any procedures you may have developed for auditing of these network infrastructure protocols. I'm looking for information that goes beyond the usual router exploits such as weak SNMP community names, bad choices for enable password, bad or no egress/ingress filtering, etc. I really want to dig into the protocol level. Thanks, Curt Wilson www.netw3.com
Current thread:
- [PEN-TEST] RIP & OSPF testing Curt Wilson (Nov 26)
- Re: [PEN-TEST] RIP & OSPF testing Dug Song (Nov 26)
- <Possible follow-ups>
- Re: [PEN-TEST] RIP & OSPF testing J. Oquendo (Nov 27)
- Re: [PEN-TEST] RIP & OSPF testing NetW3.COM Consulting (Nov 27)
- Re: [PEN-TEST] RIP & OSPF testing DA Smith (Nov 28)
- Re: [PEN-TEST] RIP & OSPF testing batz (Nov 28)
- Re: [PEN-TEST] RIP & OSPF testing J. Oquendo (Nov 27)