Penetration Test Assistance
Howdy all,
I'm a Security Manager of a large network, we are conducting a Pentest next month and the testers are demanding a complete network diagram of the entire network. We don't have a complete network diagram that shows everything and everywhere we are. At most we have a bunch of network diagrams that show what we have in various areas throughout the country. I've been asking the network engineers for over a month and they seem to be too lazy to put it together or they have no idea where everything is. I've never been in this situation before.
Should I be honest to the testers and tell them here is what we have, we aren't sure if it's accurate; find everything else? How would they access those areas that we haven't identified? How can I give them access to stuff that I didn't know existed?
What do you all do with your large networks? One huge network diagram, a bunch of network diagrams separated by region, or both? Any pentest horror stories?
Thanks,
Tim
RE: Linux Centralized Administration
We are using Security Blanket. It's a COTS product that works really well.
-Original Message-
From: Chuck Anderson [mailto:c...@wpi.edu]
Sent: Thursday, January 12, 2012 4:10 PM
To: nanog@nanog.org
Subject: Re: Linux Centralized Administration
On Thu, Jan 12, 2012 at 04:02:49PM -0500, Paul Stewart wrote:
Hey folks. just curious what people are using for automating updates to Linux boxes?
yum
Today, we manually do YUM updates to all the CentOS servers . just an example but a good one. I have heard there are some open source solutions similar to that of Red Hat Network?
yum install yum-cron
chkconfig yum-cron on
service yum-cron start
Router Assessment Tool
Happy New Year All!!! I'm trying to perform STIG compliancy on various Cisco equipment. Has anybody used the Router Assessment Tool (RAT) for routers and switches? Any cheap (free) recommendations? As a last-ditch effort I could use NMAP. Thanks, Tim
Config files?
Hey all! I'm an IT Security Manager (policy creation) that has been lurking on NANOG for about 3 years. I have some experience in networking but nothing like what is mostly talked about on here. I just love the talks you experts have and researching the tools you all mention. I was having a tough time yesterday explaining to one of my nosey co-workers why I had the word Octopussy on my screen yesterday! I'm trying to put a baseline policy together for all my network equipment and I have a few questions:
1. Should config files be consistent? By this I mean; does the STIG apply its baseline to the config files or elsewhere?
2. Are config file change alerts necessary for the security of network equipment? We have just purchased the SolarWinds suite.
3. Should we obfuscate our Private addresses on our Network Diagram? What is the common practice?
4. How can I get a grip on my ACLs or is it even possible? How do you all maintain them without going insane!
If this isn't the correct forum for this low level stuff I understand; just guide me in the right direction. Thanks in advance! TG
Cisco Sanitization
Hey all! I'm currently creating a sanitization guide for all my hardware. When I got to my Cisco devices I noticed there are numerous ways to reset them back to the default and clear the NVRAM. Does anyone have a guide that includes sanitization information for all Cisco devices (at least switches, routers, IDSs, and ASA 5500 Series) so I don't have to recreate the wheel? Thanks, Tim