Penetration Testing: Re: malware testing through proxy

[Greg Strom <greg () delong com>]

Here is my quick $.02. 

Take a system that you *DON'T CARE ABOUT AND DO NOT HAVE ANY DATA ON*  
run Windows XP, IE, don't patch the system (Turn off auto updates) go 
surfing to the 'Darker Side side of the Internet'.  You should be able 
to find what you are looking for and then some.  You can use this to 
demonstrate/Test against real threats in the Wild.  You will know that 
you have enough goodies on your system when it has slowed to a crawl. 

Put the system 'behind' your proxy thingy and put an ACL on a router/FW 
and make sure that your system is isolated and can not route traffic 
other than to your proxy. 



raimarm () gmail com wrote:
> Hi All,
> today some proxies can scan sites if they contain malware (keylogger,
> trojans, virues, drive-by-download, etc).
> In order to test and demonstrate the malware engines of our proxies I
> am looking for some good malware sites that can be tested through a
> proxy like bluecoat, Finjan or Ironport-s. I know the eicar.org site
> to test if a virus can be found. But I also look for sites which
> contain malware or code that looks like malware
> but it doesn't cause any harm, but is recognized as such.
> Many thanks in advance for your replies.
> Cheers
> Raimar
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Security Trends Report from Cenzic
> Stay Ahead of the Hacker Curve!
> Get the latest Q2 2008 Trends Report now
>
> www.cenzic.com/landing/trends-report
> ------------------------------------------------------------------------
>   

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------