Security Basics
Re: UDP question Oct 16 2013 03:55AM
ToddAndMargo (ToddAndMargo zoho com)
Hi! This is the ezmlm program. I'm managing the
security-basics (at) securityfocus (dot) com [email concealed] mailing list.

I'm working for my owner, who can be reached
at security-basics-owner (at) securityfocus (dot) com. [email concealed]

I'm sorry, the list moderators for the security-basics list
have failed to act on your post. Thus, I'm returning it to you.
If you feel that this is in error, please repost the message
or contact a list moderator directly.

--- Enclosed, please find the message you sent.

Re: UDP question.eml
Subject:
Re: UDP question
From:
ToddAndMargo <ToddAndMargo (at) zoho (dot) com [email concealed]>
Date:
10/10/2013 07:53 PM
To:
Digital_InfoSec <digitalinfosec (at) gmail (dot) com [email concealed]>
CC:
"security-basics (at) securityfocus (dot) com [email concealed]" <security-basics (at) securityfocus (dot) com [email concealed]>

On 10/08/2013 03:11 PM, Digital_InfoSec wrote:
> Hi Todd, just a thought as well, I've been reading some of your posts
and was not sure
> if you are doing these scans and finding your feet on your clients
live network?

I have access to a Fedora Core 19 computer on the general network
through ssh and xrdp. It can not talk to the POS machine I will
eventually testing, but it does allow me into the firewall and I
can run the occasional nmap again the other office computers on
that leg of the network.

I have Open VPN access to the POS machine. The POS machine is
Windows XP Pro and there are no other machines on that network
leg.

Mainly, I learn on my own network. My base computer is Scientific
Linux 6.4 (RHEL 6.4 clone). (I am the county's Linux guy.) I
test against my numerous KVM virtual machines. (I have five
Windows, two Linux, and one Damn Vulnerable Linux VM's).

I will test Metasploit here first.

> As you
> are starting to work with Metasploit, this can be less of a "passive"
tool than Nmap for
> example and could possibly cause unwanted damage within a network if
used incorrectly.

My "game plan" is to probe around with nmap first (I have been
playing with and collecting commands up). Everything WILL BE
closed before I proceed to metasploit. (I hope everyone is
okay with me posting my game plan before I go into action.)

Question: if all is closed to nmap, do I even need
to run metasploit? Or can Metasploit get past things
nmap can't?

> It can also be quite "noisy" depending on what exploits you launch so
this might (this is
> speculative as I am unaware of the environment you are working in)
have an inadvertent
> affect on your clients network performance.

They will know, because their Open VPN is on-demand. And,
I will tell them what I am doing before proceeding and make
sure they are not closing out or are with a customer.
They are use to me -- I have been providing remove support
for years.

And, over a DSL modem, how much traffic can I possibly
generate?

> It might be a thought, to set yourself up a test network using
something like Netkit which
> allows you to set up a complete virtual network. Set up logging as
well on your virtual
> network, then you can dump these logs and analyse the activity the
various exploits and
> scanning tools have had using something like Wireshark and or Glogg,
Kiwi or Xplico (just
> to name a few) This can help you get a better understanding of how to
interpret results
> (incident response) as well as help catalyse some of your pen-testing
learning.

I am/will run again my VM's first.

> In fact
> you might want to download "security-onion" as it provides several
network forensic
> analysis tools (NFAT).

Will do. Thank you

> Worth further consideration is if your clients server utilises shared
hosting or a>
> virtualised private server hosting package, there are other possible
considerations
> (including possibly legal ones) that need to be made as well before
launching any
> pen-testing. I have found these vary greatly depending upon service
provider and country.

Stand alone computer at their facility. They find "cloud computing" a
bit creepy, as do I. Client/server with a really crappy connection
between the client and server. And you never know what is really
going on at the server or when they will skip town.

Cloud has it place, but a lot fewer places than their marketing
staff purports. And it is expensive. Like buying a glass of wine
at a restaurant, where you can buy a whole bottle and drink it at home.

>
> I hope this helps....it may be your doing all this already but I just
thought it
> worth mentioning just in case.

I appreciate your help. Thank you!

-T

>
> Kind regards,
> Bill
>

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Computers are like air conditioners.
They malfunction when you open windows
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

------------------------------------------------------------------------

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus