Re: Internal Servers (noob post)

[Micheal Cottingham <techie.micheal () gmail com>]

As for securing servers and other things behind the firewall: Absolutely!

Not only do you have to worry about insiders which are a very real
threat, but also what happens when an attacker gets behind the
firewall? Should you allow them free reign? And lastly, I've found
that hardening actually increases performance as unnecessary services
are turned off, the remaining services are tuned properly, and so on.

Getting behind the firewall (or on to any service for that matter) and
then attacking other machines in the enterprise is called pivoting, an
oft-used method to get a better foothold in to the enterprise. Let's
say for example I get a user behind the firewall to visit my malicious
website. From that malicious website, I'm able to scan other internal
machines and launch attacks against them. Take a look at this
presentation: http://www.willhackforsushi.com/presentations/PenTest_PerfectStorm_Part_2.pdf
which talks about that.

R. DuFresne: At a job I had, I did have an incident involving an
insider. I won't give details, but it was someone that fit the typical
insider description of being angry at the institution for something
that happened, so they took it out on the institution by causing
trouble for everybody.

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------