Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [Newbie] Info about ISP Gateways
From: "David Swafford" <dswafford () alterhighschool org>
Date: Thu, 15 Mar 2007 08:17:21 -0500

Hi GJK again,

I think I may have misunderstood your original question.  I'm thinking
that you are asking how you would test devices that are basically behind
a NAT wall?  If that's your question then you would probably only be
able to test the security of the public devices on that customers'
network from the outside.  Though do not overlook this because all you
need is one public server from their network that you could take control
of and then use that as a relay into the inside network.  I'm not too
sure on all the specifics but I'm thinking that if you were somehow able
to get netcat running on a system that's public you could probably
tunnel through that.  If social engineering is part of your test maybe
you could create an automated NetCat script that will launch from an end
users machine and create a connection to your system and return a shell,
that's my closest thoughts on how to approach this.

David.

"Gerrit @ DeadSet Internet Technologies" <info () deadset-tech com>
3/15/2007 8:56 am >>>
Hi David

Thanks for the reply....

Well, it seems like a bunch of VLAN's but all these VLAN's are behind 
a single public IP, how do I reach the private ip's behind this?

As for all the documentation, well, yes I will not attempt to do any 
testing before they are in place ;)

Thanks
GJK


At 02:38 PM 15/03/2007, you wrote:
Hi GJK, welcome to the pen-testing list.

Regarding the private networks, this is just means that they are just
a
bunch of VLANs with subnets.  The ISP gateway (not on the customer
premise but at the central office or nearest neighborhood DSL pod)
itself would just forward traffic normally, usually an ISP's upstream
gateway does little or no filtering in regards to security so your
methods of testing from your DSL connection into another DSL
connection
should be unaffected by how the ISP has chosen to structure the
network.


Since you mentioned being a newbie, I feel that it is a good that I
mention this:  make sure that you have a written contract detailing
your
tasks and the scope of the project.  Even testing a simple DSL
connection for a small business can become a problem if the contract
is
not done properly or not at all, remember to not overlook this vital
step in the process.

David.
CCNA, CEH, Security+, Network+

"Gerrit @ DeadSet Internet Technologies" <info () deadset-tech com>
3/14/2007 6:52 am >>>
Hi

I am new to this Pen-Testing idea, just finished the CEH course but
that only showed how much I actually need to learn.

Problem number one:
I am on a Wireless/ADSL line, the ISP divided all the Wireless
customer into separate "private" networks that then go through a
gateway. To to vulnerability tests on customers on my same network
from my office is a breeze, but to do it on the other networks will
be a problem. Does that mean I need to "break" through the ISP's
gateway first in order to reach the other "private" networks?

Problem number two:
Should I need to "break" through the gateway of the ISP to reach
these customers then I guess the ISP might not be very happy about
it, right? So what way is there around that?

Thanks
GJK


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW


------------------------------------------------------------------------


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault