Penetration Testing mailing list archives

Re: AS400 Net Recon

From: Marco Ivaldi <raptor () mediaservice net>
Date: Fri, 15 Feb 2008 12:49:09 +0100 (ora solare Europa occidentale)

Jon,

On Tue, 12 Feb 2008, Jon Kibler wrote:

Hi,

I have a client with AS400s on their LAN. They want a vulnerability
scan, but having been burned in the past, I want to ask before doing:
Are there any issues with scanning (nmap, nessus, etc.) AS400s?

Personally, I've never experienced availability problems while pen-testingAS/400 boxen, but since they're usually an extremely critical point of aCustomer's infrastructure I'd recommend you not to perform any potentiallydangerous operations on them.

For instance, I wouldn't feel comfortable with insane timing Nmap scans,and I would think twice before blindly running a Nessus scan. You shouldalso pay special attention to brute force attacks, that might causeaccount lockouts or worse, depending on target's configuration.


The rule of thumb here is: don't abuse automated scanners and be gentle;)

Also, make sure that your Customer knows about the risks, so that you mayagree in advance on what to test (e.g. only "stable" services?), when totest (e.g. at night or during the week-end?), and so on.

While I am at it, any good information on AS400 security? I see a few
corporately published books for sale on the net about AS400 security,
but I don't want to drop a couple of grand for a book by some
organization I am not familiar with.


This is a good starting point on AS/400 security:

http://www.venera.com/downloads.htm

I bought Shalom's "Hacking iSeries" book, and i'm very satisfied with it.Official IBM documentation and Google are your friends as well;)


Hope this helps,

--
Marco Ivaldi, OPST
Red Team Coordinator      Data Security Division
@ Mediaservice.net Srl    http://mediaservice.net/


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Current thread:

AS400 Net Recon Jon Kibler (Feb 14)
- RE: AS400 Net Recon Rivest, Philippe (Feb 15)
- RE: AS400 Net Recon Bob Woods (Feb 15)
- Re: AS400 Net Recon Marco Ivaldi (Feb 15)
- Re: AS400 Net Recon xelerated (Feb 15)
  - RE: AS400 Net Recon John Bussert (Feb 19)
- <Possible follow-ups>
- Fwd: AS400 Net Recon Sat Jagat Singh (Feb 15)