Network Security: Detailed info on Re: network policy checking

Subject:	Re: network policy checking
Date:	Fri, 28 Mar 2008 09:31:06 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Then do a configuration audit. This, that you detail is not a pen-test but a configuration audit.

Thanks,

Ron DuFresne


On Thu, 27 Mar 2008, Sony C wrote:

Todd,

My primary area of interest is to see if the network I am assessing meets 
certain best practices, for eg: all the CISCO routers have a certain QOS, or 
IPSec/GRE tunnels are supported, etc.
Hope this clarifies things a bit?

Regards,
SC.


----- Original Message ----
From: Todd Haverkos <fsbo@haverkos.com>
To: Sony C <raagamuffin@yahoo.com>
Cc: pen-test@securityfocus.com
Sent: Thursday, March 27, 2008 10:29:57 PM
Subject: Re: network policy checking

Sony C <raagamuffin@yahoo.com> writes:

Hello fellow pen-testers,

I am looking for tools that perform network policy checking. Specifically, 
tools that allow the user to define a policy and then test the network elements 
to see if they adhere to this policy. As one might guess, this can be 
accomplished either via config file checking (passive) or actual network 
testing (active, via SNMP etc).
I am interested in both flavors, if they are available. These tools can be 
commercial or open-source/free/shareware.
While it is a broad requirement, this hypothetical tool will primarily be 
looking at routers, firewalls, etc.

Thank you in advance for sharing your thoughts.


Hi Sony,

Could you give some examples of specific routers and firewalls you're
looking to check, and what an example "network policy" issues you're
interested in?  It might help focus down some of the recommendations.

     
____________________________________________________________________________________
Be a better friend, newshound, and
know-it-all with Yahoo! Mobile.  Try it now.  
http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

- -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior security consultant: sysinfo.com http://sysinfo.com Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFH7PMcst+vzJSwZikRAq70AJ9ECXJ+wHvNGtDWoZWOQnDNaV5vDQCaAkAo
OlheUb8B0Bvud4VegSnZbVM=
=VX60
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
network policy checking, Sony C Re: network policy checking, Razi Shaban RE: network policy checking, Sol_Invictus Re: network policy checking, Todd Haverkos Re: network policy checking, Mamba M Re: network policy checking, Sony C RE: network policy checking, Erin Carroll Re: network policy checking, kevin horvath Re: network policy checking, R. DuFresne <= Re: network policy checking, matt . foster Re: network policy checking, Sony C

Previous by Date:	Re: network policy checking, matt . foster
Next by Date:	Re: network policy checking, Sony C
Previous by Thread:	Re: network policy checking, kevin horvath
Next by Thread:	Re: network policy checking, matt . foster
Indexes:	[Date] [Thread] [Top] [All Lists]