Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Pentest Cisco

From: Daniel Hood <dsmhood () gmail com>
Date: Wed, 9 Dec 2009 08:33:42 +1100
Yersinia (Google it) has to be the best tool for pentesting Cisco
devices. It allows you to perform a number of attacks on various
layers of the OSI model.

Daniel

On Sun, Dec 6, 2009 at 2:41 AM, Paulo Ribeiro <lopolo_fr () yahoo fr> wrote:

Hello All,

I need to respond to an RFP to audit an infrastructure with 100+ cisco devices (routers, switches, etc...)
I was wondering if some of you would share:

1) what to ask to size the pentest? number of devicee? role? number of VLAN (any relevance?)
2) how would you go to pentest it? any particular tools?

Would you use CDP and/or SNMP? (any tools) ? would one first start by doing a network scan to identify where and what 
the devices are?

Any help appreciated!

Kind regards,
LoPo





------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------




------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: