Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: network policy checking
From: "kevin horvath" <kevin.horvath () gmail com>
Date: Fri, 28 Mar 2008 09:16:27 -0400

For cisco router and pix config reviews look at the CIS RAT (Router
Audit Tool).  Its pretty good considering its freeware.

On Thu, Mar 27, 2008 at 11:45 PM, Sony C <raagamuffin () yahoo com> wrote:
Todd,

 My primary area of interest is to see if the network I am assessing meets certain best practices, for eg: all the 
CISCO routers have a certain QOS, or IPSec/GRE tunnels are supported, etc.
 Hope this clarifies things a bit?

 Regards,
 SC.


 ----- Original Message ----
 From: Todd Haverkos <fsbo () haverkos com>
 To: Sony C <raagamuffin () yahoo com>
 Cc: pen-test () securityfocus com
 Sent: Thursday, March 27, 2008 10:29:57 PM
 Subject: Re: network policy checking


 Sony C <raagamuffin () yahoo com> writes:

 > Hello fellow pen-testers,
 >
 > I am looking for tools that perform network policy checking. Specifically, tools that allow the user to define a 
policy and then test the network elements to see if they adhere to this policy. As one might guess, this can be 
accomplished either via config file checking (passive) or actual network testing (active, via SNMP etc).
 > I am interested in both flavors, if they are available. These tools can be commercial or 
open-source/free/shareware.
 > While it is a broad requirement, this hypothetical tool will primarily be looking at routers, firewalls, etc.
 >
 > Thank you in advance for sharing your thoughts.

 Hi Sony,

 Could you give some examples of specific routers and firewalls you're
 looking to check, and what an example "network policy" issues you're
 interested in?  It might help focus down some of the recommendations.







      ____________________________________________________________________________________


Be a better friend, newshound, and
 know-it-all with Yahoo! Mobile.  Try it now.  http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ

 ------------------------------------------------------------------------
 This list is sponsored by: Cenzic

 Need to secure your web apps NOW?
 Cenzic finds more, "real" vulnerabilities fast.
 Click to try it, buy it or download a solution FREE today!

 http://www.cenzic.com/downloads
 ------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]