Network Security: Detailed info on RE: network policy checking

Subject:	RE: network policy checking
Date:	Thu, 27 Mar 2008 21:18:17 -0700

You may want to look into products from Red Seal, Skybox or other
network-specific compliance analysis tools for your purposes. While Nessus
et al suggested by others would possibly alert you to potential weaknesses
in your network, they would have no bearing on your policies, router
configs, etc.


--
Erin Carroll
Moderator, SecurityFocus pen-test mailing list
amoeba@amoebazone.com
"Do Not Taunt Happy-Fun Ball"





-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On
Behalf Of Sony C
Sent: Thursday, March 27, 2008 8:46 PM
To: Todd Haverkos
Cc: pen-test@securityfocus.com
Subject: Re: network policy checking

Todd,

My primary area of interest is to see if the network I am assessing meets
certain best practices, for eg: all the CISCO routers have a certain QOS, or
IPSec/GRE tunnels are supported, etc.
Hope this clarifies things a bit?

Regards,
SC.


----- Original Message ----
From: Todd Haverkos <fsbo@haverkos.com>
To: Sony C <raagamuffin@yahoo.com>
Cc: pen-test@securityfocus.com
Sent: Thursday, March 27, 2008 10:29:57 PM
Subject: Re: network policy checking

Sony C <raagamuffin@yahoo.com> writes:

Hello fellow pen-testers,

I am looking for tools that perform network policy checking. Specifically,

tools that allow the user to define a policy and then test the network
elements to see if they adhere to this policy. As one might guess, this can
be accomplished either via config file checking (passive) or actual network
testing (active, via SNMP etc).

I am interested in both flavors, if they are available. These tools can be

commercial or open-source/free/shareware.

While it is a broad requirement, this hypothetical tool will primarily be

looking at routers, firewalls, etc.


Thank you in advance for sharing your thoughts.


Hi Sony, 

Could you give some examples of specific routers and firewalls you're
looking to check, and what an example "network policy" issues you're
interested in?  It might help focus down some of the recommendations.







 
____________________________________________________________________________
________
Be a better friend, newshound, and 
know-it-all with Yahoo! Mobile.  Try it now.
http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
network policy checking, Sony C Re: network policy checking, Razi Shaban RE: network policy checking, Sol_Invictus Re: network policy checking, Todd Haverkos Re: network policy checking, Mamba M Re: network policy checking, Sony C RE: network policy checking, Erin Carroll <= Re: network policy checking, kevin horvath Re: network policy checking, R. DuFresne Re: network policy checking, matt . foster Re: network policy checking, Sony C

Previous by Date:	Re: network policy checking, Sony C
Next by Date:	Re: network policy checking, Todd Haverkos
Previous by Thread:	Re: network policy checking, Sony C
Next by Thread:	Re: network policy checking, kevin horvath
Indexes:	[Date] [Thread] [Top] [All Lists]