Penetration Testing mailing list archives

Re: Pentest Cisco

From: Sat Jagat Singh <flyingdervish () yahoo com>
Date: Fri, 11 Dec 2009 15:12:18 -0800 (PST)

Not to be too picky, but first you describe it as an "audit", then mention "pentesting".  These are very different 
things.  An audit compares an implementation against a defined standard such as a documented baseline, a specific set 
of controls, such as NIST SP800-53, or perhaps against generally accepted good practice.

One really good audit tool is Nipper.  It takes a config file and compares it against a baseline of generally accepted 
good practices that have been defined.

Is a pentest or "vulnerability assessment" what they're really after?  Important questions include:
- will scanning be permitted?
- what is the timeframe for completing the project?
- do they want you to test first without credentials and then with credentials of a basic user or an admin?
- if you aren't already familiar with it, what kind of government regulations may pertain to their business or industry 
segment?
- what kind of reporting requirements do they have?
- what kinds of meeting requirements will they have for project management and status?

That should be a good start for addressing the RFP.  There will be many more questions about actually carrying out the 
project should you get the chance to move forward.

Good luck

--- On Sat, 12/5/09, Paulo Ribeiro <lopolo_fr () yahoo fr> wrote:

From: Paulo Ribeiro <lopolo_fr () yahoo fr>
Subject: Pentest Cisco
To: pen-test () securityfocus com
Date: Saturday, December 5, 2009, 7:41 AM
Hello All,

I need to respond to an RFP to audit an infrastructure with
100+ cisco devices (routers, switches, etc...)
I was wondering if some of you would share:

1) what to ask to size the pentest? number of devicee?
role? number of VLAN (any relevance?)
2) how would you go to pentest it? any particular tools?

Would you use CDP and/or SNMP? (any tools) ? would one
first start by doing a network scan to identify where and
what the devices are?

Any help appreciated!

Kind regards,
LoPo

------------------------------------------------------------------------
This list is sponsored by: Information Assurance
Certification Review Board

Prove to peers and potential employers without a doubt that
you can actually do a proper penetration test. IACRB CPT and
CEPT certs require a full practical examination in order to
become certified. 

http://www.iacertification.org
------------------------------------------------------------------------





------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

Current thread:

Pentest Cisco Paulo Ribeiro (Dec 08)
- Re: Pentest Cisco Daniel Hood (Dec 08)
  - OpenVPN traffic David Howe (Dec 15)
    - Re: OpenVPN traffic lorddoskias (Dec 15)
    - Re: OpenVPN traffic Chris Clymer (Dec 15)
    - Re: OpenVPN traffic David Howe (Dec 15)
    - Message not available
    - Re: OpenVPN traffic David Howe (Dec 21)
- Re: Pentest Cisco Edin Dizdarevic (Dec 15)
- Re: Pentest Cisco Sat Jagat Singh (Dec 15)