Penetration Testing mailing list archives
Re: Pen testing / Vuln Assessment from Cable Modem - question on service provider selection
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Thu, 21 Jun 2007 15:21:16 -0400 (EDT)
On Wed, 20 Jun 2007, Morgan Reed wrote:

> On 6/20/07, Tommy May <tommymay () comcast net> wrote:
>> Issue - A standard nessus scan or nmap will choke my service from a standard home based cable modem service.
>
> You will not likely find anybody who will be willing to allow this.
>
>> I need to have a solid provider that is "used to dealing with pen-test like customer businesses"... is there someone that you all may be able to recommend that won't cost an arm and a leg and will meet the requirements? (i.e. one that's home based, allows it to happen, has pen-testing customers, and doesn't cost any more than 100.00 a month).
>
> I highly doubt you will find one.

Actually, it can be done, I have with a couple of different ISP's in a couple of different states over time. Best luck is with smaller mom/pop shops whom you have developed a good working relationship with. YMMV...
Of course, bandwidth as well as RAM on the modem/router is a restriction as well. This can be worked around, though, it often calls for off hours testing and launching a scan and heading to bed while it completes <smile>. Most cable business contracts start at about $150+ a month though.
And if I recall over the years, Comcast was one of the most restrictive cable providers as well.

>> Any words of wisdom would be greatly appreciated.
>
> My best suggestion would be to find a permissive shell account or get a co-lo server with its own connection and use that (I have a root shell on a tier 2 system that I use for these activities). You're unlikely to find any ISP who will do this for you so your best bet is to go up a tier or two and get an unrestricted connection attached to a remote server, you'll still have to read the contracts carefully though.

co-los are a good way to go and one can go in with others on a co-lo server setup to help divide costs. ISP's with shell access are not as common as they were about 15 or so years back...
Thanks, Ron DuFresne- -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629
...We waste time looking for the perfect lover instead of creating the perfect love. -Tom Robbins <Still Life With Woodpecker>