Security Basics mailing list archives

Re: network auditing


From: cc <cc () belfordhk com>
Date: Wed, 15 Oct 2003 10:34:17 +0800

Hagen, Eric wrote:

Absolutely not.  Many of the best hackers are not certified at all.
Knowledge is the key.  Make sure you inform and have permission from other
network administrators, otherwise you could find yourself in hot water for
unauthorized penetration testing.

I'm very confident that I won't be doing penetration
testing on other systems.  I know the legal issues
involved and would rather not have any 'legal' entanglements. :)


Well, being the network administrator, it would be impossible for you to
"black box" test the network.  However, any penetration testing you employ
would be "crystal box" type tests.

Unless I do it at home (which isn't practical at the moment due to
me still using a dialup).   But perhaps my understanding of this 'black
box' test isn't that correct.  Why do you say it's 'impossible'?



Do it quietly.  Port Scans are very "noisy" to IDS systems and likely to get
you detected and blocked before you even attempt to access the network.
Scan only those ports you're interested in.  Do it very slowly and spread
out the scan.

That seems quite logical.  As it does take quite a bit of bandwidth.

I'm shy about dictionary/brute force attacks.  They tend to set off alarms
all over the place and make your tracks very hard to cover.  Very few
services are not logged anymore, especially if a host-based IDS is employed.
At this point, sustained traffic to a single host may even set off a
network-based IDS too.

Shouldn't most people by now have logging enabled by default?
Whether they look at the logs is another matter.  Just as long as they
are logged.


For "Intrusion Testing" and "hacking", the BEST (I mean BEST) book I've
ever seen is "Stealing the Network".  It's fairly expensive and it's also
technically fiction, but it explains in very clear words, the means by which
attackers will try to compromise a network in a variety of different
situations.  It tends to be very technical, written for network
administrators, but it's a good one.

I'll check it out at the bookstore.  I'm not entirely sure it'd be
there and I do hope it's still in print?


For a more "textbook" and somewhat more basic book, try out "Hacking
Exposed".  I think there's a 4th volume out now...

I've seen these.  There's the Windows Hacking exposed and the Linux
one.  I've flipped through them and they are quite 'bulky' and they
seem to have lots of info.  The question remains whether they
are worth the $$$.  I don't know what's going on but books seem
to be getting more and more expensive, especially computer ones.
Even a thin book can cost about 40 bucks US.

Thanks for the help.





