Re: [Newbie] Info about ISP Gateways

["David Swafford" <dswafford () alterhighschool org>]

Hi GJK, welcome to the pen-testing list.

Regarding the private networks, this is just means that they are just a
bunch of VLANs with subnets.  The ISP gateway (not on the customer
premise but at the central office or nearest neighborhood DSL pod)
itself would just forward traffic normally, usually an ISP's upstream
gateway does little or no filtering in regards to security so your
methods of testing from your DSL connection into another DSL connection
should be unaffected by how the ISP has chosen to structure the network.
 

Since you mentioned being a newbie, I feel that it is a good that I
mention this:  make sure that you have a written contract detailing your
tasks and the scope of the project.  Even testing a simple DSL
connection for a small business can become a problem if the contract is
not done properly or not at all, remember to not overlook this vital
step in the process.

David.
CCNA, CEH, Security+, Network+

> > > "Gerrit @ DeadSet Internet Technologies" <info () deadset-tech com>
3/14/2007 6:52 am >>>
Hi

I am new to this Pen-Testing idea, just finished the CEH course but 
that only showed how much I actually need to learn.

Problem number one:
I am on a Wireless/ADSL line, the ISP divided all the Wireless 
customer into separate "private" networks that then go through a 
gateway. To to vulnerability tests on customers on my same network 
from my office is a breeze, but to do it on the other networks will 
be a problem. Does that mean I need to "break" through the ISP's 
gateway first in order to reach the other "private" networks?

Problem number two:
Should I need to "break" through the gateway of the ISP to reach 
these customers then I guess the ISP might not be very happy about 
it, right? So what way is there around that?

Thanks
GJK


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW

------------------------------------------------------------------------


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------