Penetration Testing mailing list archives
Re: Trust Relationship Analysis
From: Marco Ivaldi <raptor () 0xdeadbeef info>
Date: Mon, 27 Mar 2006 13:43:59 +0200 (CEST)
On Wed, 22 Mar 2006, Roman Tomazi wrote:
As part of a VA and Pen Test my company has been tasked to do, we have been asked to carry out a review of host and network trust relationships within the clients environment. Are there any best practices and/or tools used to facilitate this kind of analysis?
[snip] On Fri, 24 Mar 2006, William Hancock wrote:
Defining trusts is really going to be more of a manual process then leaning on any kind of tool set.
I agree with Bill: a thorough trust relationship analysis usually requires the auditor to perform a privileged test, spending a considerable amount of time checking packet filtering rules, network services configuration and application interactions -- in case your client is interested in application-level trusts as well, of course. Speaking about methodologies, the OSSTMM 2.1.1 [1] briefly covers this topic at page 50 ("Trusted Systems Testing"). The upcoming 3.0 release will introduce the much more interesting concept of "Trust Verification" [2], related to RAV's Operational Security (OPSEC) calculation. For more information about the OSSTMM (Open Source Security Testing Methodology Manual) and RAVs (Risk Assessment Values), take a look at: http://www.isecom.org/ [1] http://www.isecom.info/mirror/osstmm.en.2.1.1.pdf [2] "Determining the trust relationships from and between gateways within the scope. A trust relationship exists wherever the gateway is freely interactive with another gateway inside or outside the scope which is governed by a different security policy, administration, or process." Cheers, -- Marco Ivaldi Antifork Research, Inc. http://0xdeadbeef.info/ 3B05 C9C5 A2DE C3D7 4233 0394 EF85 2008 DBFD B707 ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/forms/ec.php?pubid=10025 And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com ------------------------------------------------------------------------------
Current thread:
- Trust Relationship Analysis Roman Tomazi (Mar 23)
- Re: Trust Relationship Analysis William Hancock (Mar 24)
- Fwd: Trust Relationship Analysis Roman Tomazi (Mar 31)
- <Possible follow-ups>
- Re: Trust Relationship Analysis Marco Ivaldi (Mar 28)