Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Help - Can I do an external pen-test in this network?

from [to . tushar] Network Security [Permanent Link]
Subject: Help - Can I do an external pen-test in this network?
Date: 7 Mar 2008 06:52:00 -0000 
Hi,
 
I have just completed my classes of Penetration Testing and have been asked to 
do a project.
I have an option to do either external or internal pen test.

I can do an internal pen-test in one organization I've got, however, I am not 
sure how I can do an external pen-test in this scenario. The following is the 
network. Please tell me if I can do an external pentest in this case and where 
can I start.
 
Internet -> router / modem provided by ISP (only static IP in organization)-> 
Switch -> about 100 systems in internal network (pvt IPs).
Webserver & mails are hosted on public server. 
 
Ping: success
Tried nmap: Host seems down. If it is really up, but blocking our ping probes, 
try -P0 (we are scanning a router here, so it won't work)

Is there anyway I can get into this organization by doing an external pen-test. 
This is a small company into s/w development and uses only messengers to 
communicate with the outside world / clients etc. No major servers inside 
organization and none with pub IP address.
 
If you need any more info, please lemme know.
 
Regards,
Tushar

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Citrix application breakout - take care of Microsoft calculator, Stefan Gora
Next by Date:  RE: Citrix application breakout - take care of Microsoft calculator, Thor (Hammer of God)
Previous by Thread:  Citrix application breakout - take care of Microsoft calculator, Stefan Gora
Next by Thread:  Re: Help - Can I do an external pen-test in this network?, Radu Oprisan
Indexes:  [Date] [Thread] [Top] [All Lists]