Security Basics mailing list archives
Re: UDP question
From: ToddAndMargo <ToddAndMargo () zoho com>
Date: Tue, 15 Oct 2013 20:55:40 -0700
Hi! This is the ezmlm program. I'm managing the
security-basics () securityfocus com mailing list.

I'm working for my owner, who can be reached
at security-basics-owner () securityfocus com.

I'm sorry, the list moderators for the security-basics list
have failed to act on your post. Thus, I'm returning it to you.
If you feel that this is in error, please repost the message
or contact a list moderator directly.

--- Enclosed, please find the message you sent.

Re: UDP question.eml

Subject: Re: UDP question
From: ToddAndMargo <ToddAndMargo () zoho com>
Date: 10/10/2013 07:53 PM
To: Digital_InfoSec <digitalinfosec () gmail com>
CC: "security-basics () securityfocus com" <security-basics () securityfocus com>

On 10/08/2013 03:11 PM, Digital_InfoSec wrote:
> Hi Todd, just a thought as well, I've been reading some of your posts and was not sure
> if you are doing these scans and finding your feet on your client's live network?

I have access to a Fedora Core 19 computer on the general network
through ssh and xrdp. It can not talk to the POS machine I will
eventually be testing, but it does allow me into the firewall and I
can run the occasional nmap against the other office computers on
that leg of the network.

I have Open VPN access to the POS machine. The POS machine is
Windows XP Pro and there are no other machines on that network leg.

Mainly, I learn on my own network. My base computer is
Scientific Linux 6.4 (RHEL 6.4 clone). (I am the county's Linux guy.)
I test against my numerous KVM virtual machines. (I have five
Windows, two Linux, and one Damn Vulnerable Linux VMs.) I will test
Metasploit here first.

> As you are starting to work with Metasploit, this can be less of a "passive" tool than Nmap for
> example and could possibly cause unwanted damage within a network if used incorrectly.

My "game plan" is to probe around with nmap first (I have been
playing with and collecting commands up). Everything WILL BE
closed before I proceed to metasploit. (I hope everyone is okay
with me posting my game plan before I go into action.)

Question: if all is closed to nmap, do I even need to run
metasploit? Or can Metasploit get past things nmap can't?

> It can also be quite "noisy" depending on what exploits you launch so this might (this is
> speculative as I am unaware of the environment you are working in) have an inadvertent
> effect on your client's network performance.

They will know, because their Open VPN is on-demand. And, I will
tell them what I am doing before proceeding and make sure they are
not closing out or are with a customer. They are used to me -- I have
been providing remote support for years.

And, over a DSL modem, how much traffic can I possibly generate?

> It might be a thought, to set yourself up a test network using something like Netkit which
> allows you to set up a complete virtual network. Set up logging as well on your virtual
> network, then you can dump these logs and analyse the activity the various exploits and
> scanning tools have had using something like Wireshark and or Glogg, Kiwi or Xplico (just
> to name a few). This can help you get a better understanding of how to interpret results
> (incident response) as well as help catalyse some of your pen-testing learning.

I am/will run against my VMs first.

> In fact you might want to download "security-onion" as it provides several network forensic
> analysis tools (NFAT).

Will do. Thank you

> Worth further consideration is if your client's server utilises shared hosting or a
> virtualised private server hosting package, there are other possible considerations
> (including possibly legal ones) that need to be made as well before launching any
> pen-testing. I have found these vary greatly depending upon service provider and country.

Stand alone computer at their facility. They find "cloud computing"
a bit creepy, as do I. Client/server with a really crappy connection
between the client and server. And you never know what is really
going on at the server or when they will skip town. Cloud has its
place, but a lot fewer places than their marketing staff purports.
And it is expensive. Like buying a glass of wine at a restaurant,
where you can buy a whole bottle and drink it at home.

> I hope this helps....it may be you're doing all this already but I just thought it
> worth mentioning just in case.

I appreciate your help. Thank you!

-T

> Kind regards,
> Bill

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Computers are like air conditioners.
They malfunction when you open windows
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~