mailing list archives
Re: [PEN-TEST] RAS PT
From: "Thompson, Stephen" <stephen () FISHNETSECURITY COM>
Date: Thu, 5 Oct 2000 17:12:09 -0500
I have used a tool before that allows sniffing on a RAS connection. It may
be useful to you. I have had problems getting it to work, but i may have an
old version and/or driver problems (I was using version 2.0). The app is
called Distict Network Monitor (www.distinct.com). It has a 30-day
evaluation period. I don't know of any other RAS sniffers.
From: Batten, Gerald [mailto:GBatten () EXOCOM COM]
Sent: Wednesday, October 04, 2000 1:14 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: [PEN-TEST] RAS PT
I unfortunately have very little experience in doing any sort of PT on a RAS
box... let's assume it's an NT box. Other than enforcing strong passwords
or maybe strong authentication via certificates or SecurID-type cards, what
else can I do to A) protect it, and B) run some sort of PT against it?
*Note: Views expressed in this e-mail are not necessarily those of my
**Note: Views expressed in this e-mail are not necessarily mine either.