Network Security Pen-Test

RE: Layer 3 and Firewall

Subject: RE: Layer 3 and Firewall
Date: Thu, 19 Oct 2006 13:05:18 -0500
Folks...

While I agree that there is a certain level of trust that needs to be allowed your network/security admin personnel, this doesn't mean that you can't implement logging and monitoring to keep them honest. This relies heavily on the idea of separation of duties, admin is one group and monitoring and change management should be different groups. If there are more people involved in the monitoring and administration then it will require some collusion of employees to defraud the organization.

Possibly an automated login and configuration gathering tool would help you to keep an eye on your admin groups. The system would have to be set up to log in every X minutes to check the configuration against the current "known-good" config. Additionally it would need to be monitoring the logs from all devices and do config checks every few moments between when an admin has logged in and logged out (checking to see how the admin has made changes and alerting review when they have deviated from the approved config). Now that I say that, I am not sure you can have multiple users on IOS logged in with access to the running config, but this sort of system would help to solve this particular issue....

Ramblings from a paranoid soul at 30,000 ft...
-Kyle

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On Behalf Of DaKahuna
Sent: Friday, October 06, 2006 7:08 PM
To: pen-test@securityfocus.com
Subject: Re: Layer 3 and Firewall


Could you be more specific on the technical solution - because that is what I am looking for urgently? I am not worried about VLAN hopping or any other user-initiated attack. I am only worried about the switch admin playing foul.

If you can't trust your switch admin then you need to replace him with someone you can trust. Administrators are people in a position that requires unequivocal trust. In order to be effective in their jobs they need to be given privileges that go beyond those of normal users.
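
The "known-good" comparison Kyle describes above, sketched as an added example that is not part of the original thread or any poster's tool. It assumes the running config has already been fetched as text; the device name, sample configs and the list of volatile lines are constructed assumptions, and only one level of sub-command nesting is handled.

```python
import re

# Lines that change on their own in IOS "show running-config" output and
# would raise false alerts (assumed list; extend for your platform).
VOLATILE = re.compile(
    r"^(Building configuration|Current configuration\s*:|ntp clock-period |"
    r"! (Last configuration change|NVRAM config last updated))"
)

def flatten(config_text):
    """Drop volatile lines; prefix each indented line with its parent line."""
    out, parent = [], ""
    for raw in config_text.splitlines():
        line = raw.rstrip()
        if not line.strip() or line.strip() == "!" or VOLATILE.match(line):
            continue
        if line[0] == " ":          # sub-command, e.g. under an interface
            out.append(f"{parent} / {line.strip()}")
        else:
            parent = line
            out.append(line)
    return out

def config_drift(device, known_good, running):
    """Alert record for the separate review group, or None if no drift."""
    good, live = flatten(known_good), flatten(running)
    added = [l for l in live if l not in good]
    removed = [l for l in good if l not in live]
    if not (added or removed):
        return None
    return {"device": device, "added": added, "removed": removed}

# Constructed sample configs (hypothetical device, not real output).
KNOWN_GOOD = """\
! Last configuration change at 09:12:01 UTC Mon Oct 2 2006 by netadmin
hostname sw-lab-01
interface FastEthernet0/2
 switchport access vlan 20
ntp clock-period 17179869
"""
RUNNING = """\
Building configuration...
! Last configuration change at 23:47:30 UTC Thu Oct 19 2006 by netadmin
hostname sw-lab-01
interface FastEthernet0/2
 switchport access vlan 10
monitor session 1 source interface FastEthernet0/1
ntp clock-period 17179902
"""
```

Calling `config_drift("sw-lab-01", KNOWN_GOOD, RUNNING)` reports the VLAN change under its interface and the new monitor session, while the timestamp and clock-period lines are ignored. For the separation of duties described above, the approved config and the alert destination should sit with the review group rather than with the admins being monitored.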


