Penetration Testing mailing list archives
Re: Internal Servers (noob post)
From: Micheal Cottingham <techie.micheal () gmail com>
Date: Thu, 4 Jun 2009 15:05:06 -0400
As for securing servers and other things behind the firewall: Absolutely! Not only do you have to worry about insiders, which are a very real threat, but also what happens when an attacker gets behind the firewall? Should you allow them free rein? And lastly, I've found that hardening actually increases performance, as unnecessary services are turned off, the remaining services are tuned properly, and so on.

Getting behind the firewall (or onto any service, for that matter) and then attacking other machines in the enterprise is called pivoting, an oft-used method to get a better foothold into the enterprise. Let's say, for example, I get a user behind the firewall to visit my malicious website. From that malicious website, I'm able to scan other internal machines and launch attacks against them. Take a look at this presentation, which talks about that: http://www.willhackforsushi.com/presentations/PenTest_PerfectStorm_Part_2.pdf

R. DuFresne: At a job I had, I did have an incident involving an insider. I won't give details, but it was someone that fit the typical insider description of being angry at the institution for something that happened, so they took it out on the institution by causing trouble for everybody.