Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Security check-up

Status
Not open for further replies.
peterve

peterve

IS-IT--Management
Mar 19, 2000
1,348
NL
Hi everybody<br>I've started a new job this month.<br>At the end of the month I will have to provide our IT manager with a list of 'holes' in the system.<br>I've already found some of the holes, but I want more info. How should I say this : the best way to test your system is to hack it right...<br>How can I test it ?&nbsp;&nbsp;Are there specific tools to check security.&nbsp;&nbsp;Can I try to hack a website ? (we use websites in our intranet and on the internet)&nbsp;&nbsp;<br>i can use both NT and linux to test the security<br>I hope somebody will give me some tips, or even help me learning some in-dept test procedures<br><br>Thanks<br><br> <p>Peter Van Eeckhoutte<br><a href=mailto:peter.ve@itinera.be>peter.ve@itinera.be</a><br><a href= > </a><br>
 
Sort by date Sort by votes
Take a look at the COAST and CERIAS websites for info on tools that can help you to crack your network.&nbsp;&nbsp;(<A HREF=" TARGET="_new"> and <A HREF=" TARGET="_new"> are also *lots* of white papers available that discuss security issues.<br><br>My personal recommendation would be to start off by running SAINT against your network.&nbsp;&nbsp;(<A HREF=" TARGET="_new"> can detect many potential &quot;holes&quot; in your network.<br><br>WARNING:&nbsp;&nbsp;SAINT can seriously damage your connectivity!&nbsp;&nbsp;Some of the vulnerabilities tested for <i><b>may</b></i> result in network services, or even servers, crashing.&nbsp;&nbsp;Although, if this did happen, it would be an indication of a potential DOS attack :)<br><br>Once you've run it against your DMZ servers, run it against your internal network to see how much damage could be caused if the network was compromised.<br><br>One final note:&nbsp;&nbsp;This will only give you an indication of technical holes in the network.&nbsp;&nbsp;It cannot give you an indication of the people holes in the network.&nbsp;&nbsp;(For example, John Smith taking backups off site for security, but leaving them in his car.&nbsp;&nbsp;If his car is stolen, so is your data...)<br><br>Hope this helps.
 
Upvote 0 Downvote
You could also check out anticode.com for exploits that could be run agenst your network and what damage they could cause. <p> Erik<br><a href=mailto:cirvam@netzero.net>cirvam@netzero.net</a><br><a href= > </a><br>Looking to learn more about Linux, Apache, PHP and others.
 
Upvote 0 Downvote
Well the major areas of security are obviously internal and external.&nbsp;&nbsp;You can probably block most external with either a firewall etc..&nbsp;&nbsp;internal you would need to start worrying about the Windows Sharing utilties.&nbsp;&nbsp;This is if most of the people who work for you pass files back and forth my sharing their machines.&nbsp;&nbsp;I have been playing around at my school doing this to people who leave their root shared and putting a keystroke recorder on their machine to get into bigger systems.&nbsp;&nbsp;If you have an nt system definetely look into the weakness of windows sharing <A HREF=" TARGET="_new"> look here for a file called ntwardoc it will give you a good idea of how your nt box can be attacked through sharing.&nbsp;&nbsp;their is also weaknesse in the tcp/ip protocol that you can look into such as port scanner, packet sniffers etc.. If you have a novell server running look into <A HREF=" TARGET="_new"> the nomad research center.&nbsp;&nbsp;hope this helps, don't look into any hacking manifestoes most deal with dial up hacking.&nbsp;&nbsp;This is a pretty good one that i found <A HREF=" TARGET="_new"> this helps<br><br>ackka<br> <p>moses<br><a href=mailto:tmoses@iname.com>tmoses@iname.com</a><br><a href= my site</a><br> "We've heard that a million monkeys at a million keyboards could produce the<br>
Complete Works of Shakespeare; now, thanks to the Internet, we know this is<br>
not true." <br>
--Robert Wilensky, University of California <br>
<br>
<br>
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

gbayi_omo
  • Locked
  • Question
Cisco ASA 5505 not allowing access to highest security zone
Replies
0
Views
207
gbayi_omo
gbayi_omo
abhi21
  • Locked
  • Question
Interesting article on Cyber Security
Replies
0
Views
197
abhi21
abhi21
jfp23
  • Locked
  • Question
Site to Site VPN Security
Replies
2
Views
230
PScottC
PScottC
texwiz
  • Locked
  • Question
need some help to properly set up, segregate and secure a network with an ASA 5505
Replies
2
Views
292
texwiz
texwiz
decyberworld
  • Locked
  • Question
Where start-up config and capture file saved in ASA
Replies
0
Views
170
decyberworld
decyberworld

Part and Inventory Search

Sponsor

Back
Top