Penetration Testing mailing list archives
Re: Pentesting a network interconnect setup
From: Dominick Alfano <dommaillist () gmail com>
Date: Thu, 16 Aug 2007 06:55:53 -0400
ganesh mahadevan wrote:
Hi,

I need some guidance. I am carrying out a pen test of a network interconnect setup. The scenario is this: An internal network is connected to an external network through serial to Ethernet converters and two relays (one on the outward facing side is normally open and one on the inward facing side is normally closed). There is an intermediate server between these two relays. These relays close and open for a certain period of time depending on a Perl script running on the internal gateway. This intermediate server is connected to the gateways of both networks through the serial to Ethernet converters.

The user logs into the outward facing gateway and sends data in a particular format. This is sent further through the relays and the serial to Ethernet converter to the intermediate server. The intermediate server does input validation and accepts data only if it meets these criteria. Once the relay on the inner side closes (and the relay on the outer side opens), this data is then sent further onto the internal network.

I hope this description is clear. I need some pointers on how to pentest this setup and what could be the potential pitfalls in this setup. Any help would be welcome and appreciated.

Thanks
Ganesh

Ganesh,

It sounds to me that you're basically describing a complete half-duplex setup (data can only be transmitted or received, never both at the same time, right?). Actually, it sounds more along the lines of an older network that I've seen a couple of times running DDR over ISDN, where packets have to meet certain criteria in order for data streams to be open. I could be completely wrong about both of these, but the problem with both, in my humble opinion, is manageability of network overhead. It doesn't queue/send packets fast enough, causing a lot of "lag" (I guess you would say), and is therefore more susceptible to Denial of Service attacks against server services, or even better, multiple-service simultaneous connections (e.g. DoS ftp and smtp and ssh at once). By what you're describing, again, it sounds like the network / server cannot handle too much of this type of attack.

I tried....ha ha :)

- Dominick
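
The setup in the original post alternates the two relays, so one property worth verifying during the assessment is that they are never both closed at once. As an added example (not code from either poster), this Python check audits a relay event log for such intervals; the log format, relay names and timings are constructed assumptions.

```python
# Added example: log format, relay names and timings are constructed assumptions.
CLOSED, OPEN = "closed", "open"

# Rest state from the post: outer relay normally open, inner normally closed.
REST_STATE = {"outer": OPEN, "inner": CLOSED}

# Constructed sample log, one event per line: "<seconds> <relay> <state>"
SAMPLE_LOG = """\
0 inner open
1 outer closed
6 outer open
7 inner closed
20 inner open
21 outer closed
26 inner closed
28 outer open
"""

def parse_events(text):
    """Yield (timestamp, relay, state); reject anything unexpected."""
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        parts = line.split()
        if len(parts) != 3:
            raise ValueError(f"line {lineno}: expected 3 fields")
        ts, relay, state = parts
        if relay not in REST_STATE or state not in (OPEN, CLOSED):
            raise ValueError(f"line {lineno}: unknown relay or state")
        yield float(ts), relay, state

def find_bridged_windows(text, initial=REST_STATE):
    """Return [(start, end)] intervals with both relays closed (end=None if unresolved)."""
    state = dict(initial)
    windows, bridged_since, last_ts = [], None, float("-inf")
    for ts, relay, new_state in parse_events(text):
        if ts < last_ts:
            raise ValueError("timestamps out of order")
        last_ts = ts
        state[relay] = new_state
        both_closed = all(s == CLOSED for s in state.values())
        if both_closed and bridged_since is None:
            bridged_since = ts  # both networks now electrically connected
        elif not both_closed and bridged_since is not None:
            windows.append((bridged_since, ts))
            bridged_since = None
    if bridged_since is not None:
        windows.append((bridged_since, None))  # log ended while still bridged
    return windows
```

On the sample log, the first cycle is clean and the second reports a two-second window in which the inner relay closed before the outer relay had opened.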
Current thread:
- Pentesting a network interconnect setup ganesh mahadevan (Aug 15)
- Re: Pentesting a network interconnect setup Dominick Alfano (Aug 16)