PaulDotCom mailing list archives

Re: Network Mapping Software

From: "Chesmore, Michael [DAS]" <Michael.Chesmore () iowa gov>
Date: Thu, 28 Feb 2013 09:09:55 -0600

Personally I am a fan of FOCA, it may not get you all the information you seek but it will get you some.  I also like 
Maltego.  The only problem I have using Maltego is that you can get into information overload and get lost in what you 
are looking at very easily.  If you are going to use Maltego it is worth a couple hours watching some videos on how 
others use it.

Doublewood

From: pauldotcom-bounces () mail pauldotcom com [mailto:pauldotcom-bounces () mail pauldotcom com] On Behalf Of Carlos 
A. Lozano
Sent: Thursday, February 28, 2013 8:50 AM
To: PaulDotCom Security Weekly Mailing List
Subject: Re: [Pauldotcom] Network Mapping Software


Hi,

SolarWinds can be an option, and it's not intrusive using SNMP.

Regards.

import Android
import human

class Augusto(body):
    def __init__(self, personality):
        self.personality='fool'
    def eat(tacos):
        human.eat(tacos)
    def sex(big_boobs_girl):
        human.reproduction(big_boobs_girl)
    def hobby(vuln-dev):
        human.sports(vuln-dev)
    def sleep(myvar='-_-zZ...'):
        human.sleep(myvar)
El 28/02/2013 08:34, "Lester Nichols" <ln61775 () gmail com<mailto:ln61775 () gmail com>> escribió:

The answer is a bit of yes to all the above. Because of the independence of the locations, an invasive scan cannot be 
done and we cannot "cross" into their LAN per se. But the goal is to obtain information about the environment and 
associated unauthorized connwction to go back to these groups and get consensus to corect thw issues...it is highly 
political.
On Feb 28, 2013 8:00 AM, "Ron Gula" <rgula () tenable com<mailto:rgula () tenable com>> wrote:
Are you concerned with connectivity and routing or do you
care about access control? There are tones of great net
mapping products out there like Lumeta, but if you really
need to see which ports are open between enclaves, you
either need to scan or sniff the connection, like with our
Tenable solution (distributed Nessus and Passive Vulnerability
Scanners), or model the firewall rules with something
like RedSeal.

If they are a Tenable customer, feel free to ping me offline.
This sort of data is collected passively and is pretty easy to
report on which enclaves have access to other enclaves
based on scan results or sniffed traffic.

Ron

From: Lester Nichols <ln61775 () gmail com<mailto:ln61775 () gmail com>>
Reply-To: PaulDotCom List <pauldotcom () mail pauldotcom com<mailto:pauldotcom () mail pauldotcom com>>
Date: Wednesday, February 27, 2013 9:05 AM
To: PaulDotCom List <pauldotcom () mail pauldotcom com<mailto:pauldotcom () mail pauldotcom com>>
Subject: [Pauldotcom] Network Mapping Software

All,

Trying to get recommendation on a network mapping software that could help identify unauthorized bridged networks. 
Ideally this would be something capable to identify divergent LANs across the WAN...

Back Story:

The unnamed federal agency has 600+ locations with public and private LANs, but each local LAN is not accountable to 
the other or to other Executive Branch mandates...as such there is a concern that there are unauthorized bridged 
connection to the local LAN. The need is to be able to identify those potential connection in a non-intrusive way.

Any ideas?

v/r

----------
Lester E. Nichols III, MSIA, CISSP, GCED,  GCFW, GSEC,
MCSA, CompTIA Security+
ln61775 () gmail com<mailto:ln61775 () gmail com>

cuiusvis hominis est erare, nulius nisi insipientis in errore perseverare.

http://www.linkedin.com/in/lnichols

Information Systems Security Association - General Member
Information Systems Audit and Control Association - Member
A proud member of the Federal Bureau of Investigation's InfraGard

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com<mailto:Pauldotcom () mail pauldotcom com>
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com<mailto:Pauldotcom () mail pauldotcom com>
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Current thread:

Network Mapping Software Lester Nichols (Feb 27)
- Re: Network Mapping Software Xander Solis (Feb 27)
- Re: Network Mapping Software Ron Gula (Feb 28)
  - Re: Network Mapping Software Lester Nichols (Feb 28)
    - Re: Network Mapping Software Carlos A. Lozano (Feb 28)
    - Re: Network Mapping Software Chesmore, Michael [DAS] (Feb 28)
    - Re: Network Mapping Software Ron Gula (Feb 28)