Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Help - Can I do an external pen-test in this network?
From: "Jason Thompson" <securitux () gmail com>
Date: Tue, 11 Mar 2008 00:58:59 -0400

To expand on what the others said,

Scanning firewalls and routers makes baby Jesus cry. You will set off
alarms and notify your target, and therefore compromise your stealth
factor.

Did this class teach you client side attacks? Social engineering? Phishing?

Did you do any info gathering on the company before doing the test?
Personally, info gathering is one of my favorite activities, the data
you can gather for subsequent attacks is quite useful. Users now have
a very large Internet footprint.

Also, you can absolutely do a pen test on an external network after an
internal test, but its not black box anymore, its a white box test.
Done quite often actually, by companies who have internal security
staff.

And as Radu said, make sure that router you're poking at isn't owned
by the ISP. They take a dim view of being attacked without
authorization.

-J


On 7 Mar 2008 06:52:00 -0000,  <to.tushar () yahoo com> wrote:
Hi,



 I have just completed my classes of Penetration Testing and have been asked to do a project.

 I have an option to do either external or internal pen test.


 I can do an internal pen-test in one organization I've got, however, I am not sure how I can do an external pen-test 
in this scenario. The following is the network. Please tell me if I can do an external pentest in this case and where 
can I start.



 Internet -> router / modem provided by ISP (only static IP in organization)-> Switch -> about 100 systems in 
internal network (pvt IPs).

 Webserver & mails are hosted on public server.



 Ping: success

 Tried nmap: Host seems down. If it is really up, but blocking our ping probes, try -P0 (we are scanning a router 
here, so it won't work)


 Is there anyway I can get into this organization by doing an external pen-test. This is a small company into s/w 
development and uses only messengers to communicate with the outside world / clients etc. No major servers inside 
organization and none with pub IP address.



 If you need any more info, please lemme know.



 Regards,

 Tushar

 ------------------------------------------------------------------------
 This list is sponsored by: Cenzic

 Need to secure your web apps NOW?
 Cenzic finds more, "real" vulnerabilities fast.
 Click to try it, buy it or download a solution FREE today!

 http://www.cenzic.com/downloads
 ------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault