Account for penetration testing

Discussion in 'Computer Security' started by nobiscuit, Aug 17, 2005.

  1. nobiscuit

    nobiscuit Guest

    My wife got sent to an ethical hacker class for work. I'm so jealous.
    She brought home the course materials for us to play with.

    Does anyone have a recommendation on where to get an account to do
    penetration testing on my home network? I want to be able to get at the
    firewall and DMZ from outside.

    I thought about signing up for a netzero dial up account but I don't
    want to run into trouble with their terms of service if I'm running
    cracking tools.

    Thanks!
     
    nobiscuit, Aug 17, 2005
    #1

  2. On 17 Aug 2005 08:04:10 -0700, in alt.computer.security, "nobiscuit" wrote:

    >My wife got sent to an ethical hacker class for work. I'm so jealous.
    >She brought home the course materials for us to play with.
    >
    >Does anyone have a recommendation on where to get an account to do
    >penetration testing on my home network? I want to be able to get at the
    >firewall and DMZ from outside.
    >
    >I thought about signing up for a netzero dial up account but I don't
    >want to run into trouble with their terms of service if I'm running
    >cracking tools.


    Why not do it direct? Get another computer and physically hook it up?


    --
    Matt Silberstein


    And now our bodies are oh so close and tight
    It never felt so good, it never felt so right
    And we're glowing like the metal on the edge of a knife
    C'mon! Hold on tight!
    C'mon! Hold on tight!

    Though it's cold and lonely in the deep dark night
    I can see paradise by the dashboard light
    Paradise by the dashboard light

    Jim Steinman
     
    Matt Silberstein, Aug 17, 2005
    #2

  3. nobiscuit

    Bit Twister Guest

    On 17 Aug 2005 08:04:10 -0700, nobiscuit wrote:
    > My wife got sent to an ethical hacker class for work. I'm so jealous.
    > She brought home the course materials for us to play with.
    >
    > Does anyone have a recommendation on where to get an account to do
    > penetration testing on my home network? I want to be able to get at the
    > firewall and DMZ from outside.


    You could see if you can find an old PC (400 MHz, 256 meg RAM) with NIC,
    a crossover cable, load Linux, and do whatever you like in house.
     
    Bit Twister, Aug 17, 2005
    #3
  4. nobiscuit

    nobiscuit Guest

    Hmm. My firewall also acts as a router for my internal nat'd computers.
    It has a static IP and its gateway is on the other side of the dsl
    connection. It also does routing for a separate DMZ subnet. I can set
    up a bridging sniffer between the firewall/router and the dsl box but
    I'm not sure how to set up a computer that would have a full network
    connection between the firewall and the dsl so I could bang on the
    firewall from the outside.
     
    nobiscuit, Aug 17, 2005
    #4
  5. nobiscuit

    nobiscuit Guest

    Oh. Duh. Crossover cable. Didn't think of that. :p
     
    nobiscuit, Aug 17, 2005
    #5
  6. nobiscuit

    Bit Twister Guest

    On 17 Aug 2005 08:22:53 -0700, nobiscuit wrote:
    > Hmm. My firewall also acts as a router for my internal nat'd computers.
    > It has a static IP and its gateway is on the other side of the dsl
    > connection. It also does routing for a separate DMZ subnet. I can set
    > up a bridging sniffer between the firewall/router and the dsl box but
    > I'm not sure how to set up a computer that would have a full network
    > connection between the firewall and the dsl so I could bang on the
    > firewall from the outside.


    My firewall is connected to my cable modem. What I did was set the
    cracking box's IP address same as the ISP gateway IP address. Since the
    firewall box was getting IP addy as DHCP, I had to change the FW box
    to static and used the IP address given from the DHCP server.
     
    Bit Twister, Aug 17, 2005
    #6
  7. nobiscuit

    Unruh Guest

    "nobiscuit" writes:

    >My wife got sent to an ethical hacker class for work. I'm so jealous.
    >She brought home the course materials for us to play with.


    >Does anyone have a recommendation on where to get an account to do
    >penetration testing on my home network? I want to be able to get at the
    >firewall and DMZ from outside.


    >I thought about signing up for a netzero dial up account but I don't
    >want to run into trouble with their terms of service if I'm running
    >cracking tools.



    Why not run it from your own machine? Or are the firewall/dmz in a router
    or something like that?
     
    Unruh, Aug 17, 2005
    #7
  8. nobiscuit

    nobiscuit Guest

    I would like to be able to run the tests without interrupting the
    connection. My wife gets cranky when net access is down. I'm
    guessing your firewall was no longer connected to the cable modem while
    the cracking box was connected? If not, were there conflicts between
    the ISP gateway and the cracking box?

    I think there is still a PCI slot available in my firewall box. I
    could throw another nic in there, connect with a crossover cable, close
    off the nic with firewall rules and route incoming traffic from it to
    the external interface.

    I'd still like to get a clean shot at the firewall from the outside
    though. I suppose I could just take my chances with netzero. They
    didn't seem to notice all the noxious traffic from my neighbor's
    computer before we cleaned off all the spyware and crap.

    Of course there is always Homeland Security. I can't believe they
    would give a rat's ass about my pitiful little network but these days
    you never know. :p
     
    nobiscuit, Aug 17, 2005
    #8
  9. nobiscuit

    nobiscuit Guest

    Yup. The firewall and DMZ are handled by my router.
     
    nobiscuit, Aug 17, 2005
    #9
  10. nobiscuit

    Bit Twister Guest

    On 17 Aug 2005 09:46:18 -0700, nobiscuit wrote:
    > I would like to be able to run the tests without interrupting the
    > connection. My wife gets cranky when net access is down.


    Now, we start getting the requirement. :)

    > I'm
    > guessing your firewall was no longer connected to the cable modem while
    > the cracking box was connected?


    Correct. That way each log entry/attempt is trackable back to test box.

    > I think there is still a PCI slot available in my firewall box. I
    > could throw another nic in there, connect with a crossover cable, close
    > off the nic with firewall rules and route incoming traffic from it to
    > the external interface.


    Hmmm, might work depending on firewall software.

    >
    > I'd still like to get a clean shot at the firewall from the outside
    > though.


    cheap $35 linksys switch, two regular cables, would let you jack in front
    of firewall and have both connectivity and allow you to beat up the firewall.

    > Of course there is always Homeland Security. I can't believe they
    > would give a rat's ass about my pitiful little network but these days
    > you never know. :p


    USA law was just passed that businesses were going to be responsible for malware
    blasting the network.

    Keep in mind, your firewall is only the first line of protection.
    Malware writers are now going after apps running behind
    firewalls. Example, realplayer, browsers, adoby, IM,....
     
    Bit Twister, Aug 17, 2005
    #10
  11. nobiscuit

    Imhotep Guest

    nobiscuit wrote:

    > My wife got sent to an ethical hacker class for work. I'm so jealous.
    > She brought home the course materials for us to play with.
    >
    > Does anyone have a recommendation on where to get an account to do
    > penetration testing on my home network? I want to be able to get at the
    > firewall and DMZ from outside.
    >
    > I thought about signing up for a netzero dial up account but I don't
    > want to run into trouble with their terms of service if I'm running
    > cracking tools.
    >
    > Thanks!


    As long as you are trying to crack YOUR systems you should be fine...
     
    Imhotep, Aug 17, 2005
    #11
  12. nobiscuit

    nobiscuit Guest

    >Correct. That way each log entry/attempt is trackable back to test box.

    I didn't think of the benefit of limiting the logs to just the cracking
    attempts. That may be worth risking the wifely wrath.

    >cheap $35 linksys switch, two regular cables, would let you jack in front
    >of firewall and have both connectivity and allow you to beat up the firewall.


    I'm being thick here. If the firewall and the cracking box share a
    connection via a switch, can I just give the cracking box a random IP
    address? The firewall blocks any non-public IP addresses like
    192.168.x.x from the outside so it would have to be a valid public IP
    address. What would I set the subnet mask and gateway to?

    >Keep in mind, your firewall is only the first line of protection.
    >Malware writers are now going after apps running behind
    >firewalls. Example, realplayer, browsers, adoby, IM,....


    Currently we are a Mac/OpenBSD only household so we have the benefit of
    being a small target, virus/malwarewise. That's probably going to
    change though. We also keep up on patches. I am planning to set up
    snort again. The difficulty I have had with it in the past is tuning
    the rules to avoid false positives and keeping up with the latest
    signatures.
     
    nobiscuit, Aug 17, 2005
    #12
  13. nobiscuit

    claudel Guest

    nobiscuit wrote:
    >My wife got sent to an ethical hacker class for work. I'm so jealous.
    >She brought home the course materials for us to play with.
    >
    >Does anyone have a recommendation on where to get an account to do
    >penetration testing on my home network? I want to be able to get at the
    >firewall and DMZ from outside.
    >
    >I thought about signing up for a netzero dial up account but I don't
    >want to run into trouble with their terms of service if I'm running
    >cracking tools.
    >
    >Thanks!
    >


    Get a cheap hub and patch in before your home router

    Claude
     
    claudel, Aug 17, 2005
    #13
  14. nobiscuit

    Bit Twister Guest

    On 17 Aug 2005 10:48:40 -0700, nobiscuit wrote:
    >
    >>cheap $35 linksys switch, two regular cables, would let you jack in front
    >>of firewall and have both connectivity and allow you to beat up the firewall.

    >
    > I'm being thick here. If the firewall and the cracking box share a
    > connection via a switch, can I just give the cracking box a random IP
    > address?


    Yes. Pick a China IP from your firewall log. :)
    Make sure it is not a public ip like a business or college.

    > The firewall blocks any non-public IP addresses like
    > 192.168.x.x from the outside


    You get to test that by changing cracking box ip.

    > so it would have to be a valid public IP
    > address. What would I set the subnet mask and gateway to?


    Pick an IP address, you are not supposed to be chatting with anyone but
    your firewall. Gateway can be the current one firewall is using or
    munge the China IP+1.

    What you do not want to do is send any attempt to a broadcast address
    or anywhere but the known ip address of your Firewall Box.

    I am guessing, if you ping the cracker box from the firewall box,
    the SWITCH, not a HUB, should remember and only route between the two
    as long as you are hitting only the firewall box. I would unplug the
    WAN cable from switch until cracker/firewall can talk at each other.

    >>Keep in mind, your firewall is only the first line of protection.
    >>Malware writers are now going after apps running behind
    >>firewalls. Example, realplayer, browsers, adoby, IM,....

    >
    > Currently we are a Mac/OpenBSD only household so we have the benefit of
    > being a small target, virus/malwarewise. That's probably going to
    > change though.


    Not M$ I hope. :( If so, I recommend firewalls on all other LAN
    boxes and no id/passwords which could be sniffed by M$ box.
    ftp, rlogin, rcp, mail..... nothing but ssh, scp for any box to box and
    SSL for your email accounts. Any accounts on M$ should not match any
    found on the lan and never use the M$ to log into LAN boxes.

    > We also keep up on patches.


    Running Mandrivalinux myself, and check every day for updates.

    All this begs the question, after putting a switch in WAN side, will your
    connection still work? ISPs used to register MAC addresses. Your IP
    address could change so check firewall ip after switch install.

    I would power reset the WAN equipment for it to pickup the new MAC
    found in the switch, otherwise nothing will work.

    The wife has to take a bath, use a crossover to attack the system
    during that time. Shoot, you can let nmap run overnight, swap cables
    back when you get up. Review the logs later.
     
    Bit Twister, Aug 17, 2005
    #14
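
An added example, not part of the original posts: one way to do the "review the logs later" step so that entries are attributed to the test box, anything the test box sent to an address other than the firewall is flagged, and unrelated sources are kept apart. The log line shape (a tcpdump-style text rendering of a pf log), the documentation-range addresses and the `attribute` helper are assumptions made for illustration.

```python
import re
from collections import Counter

# Assumed line shape: "... rule N/(match) block|pass in on IFACE: SRC[.PORT] > DST[.PORT]: ..."
LINE = re.compile(
    r"rule \S+ (?P<action>block|pass) in on \S+: "
    r"(?P<src>\d+\.\d+\.\d+\.\d+)(?:\.(?P<sport>\d+))? > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)(?:\.(?P<dport>\d+))?:"
)

# Constructed sample log; addresses are from documentation ranges.
SAMPLE_LOG = """\
Aug 17 22:01:05.101 rule 3/(match) block in on fxp0: 203.0.113.5.40112 > 198.51.100.2.23: S
Aug 17 22:01:05.214 rule 3/(match) block in on fxp0: 203.0.113.5.40113 > 198.51.100.2.445: S
Aug 17 22:01:05.377 rule 7/(match) pass in on fxp0: 203.0.113.5.40114 > 198.51.100.2.22: S
Aug 17 22:01:06.020 rule 3/(match) block in on fxp0: 192.0.2.77.5120 > 198.51.100.2.135: S
Aug 17 22:01:07.512 rule 3/(match) block in on fxp0: 203.0.113.5.40115 > 198.51.100.255.137: udp 50
Aug 17 22:01:08.000 rule 3/(match) block in on fxp0: 203.0.113.5 > 198.51.100.2: icmp: echo request
"""

def attribute(log_text, test_box, firewall):
    """Split log entries into test traffic, stray test traffic and other sources."""
    from_test = Counter()   # (action, dest port) -> count, test box -> firewall only
    stray, other = [], []   # test box -> elsewhere; any other source address
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue                      # not a packet log line
        if m["src"] != test_box:
            other.append(line)            # test segment was not isolated
        elif m["dst"] != firewall:
            stray.append(line)            # e.g. a broadcast; should never happen
        else:
            from_test[(m["action"], m["dport"] or "-")] += 1   # "-" = no port (ICMP)
    return from_test, stray, other

if __name__ == "__main__":
    hits, stray, other = attribute(SAMPLE_LOG, "203.0.113.5", "198.51.100.2")
    for (action, port), n in sorted(hits.items()):
        print(f"{action:5} port {port:>5}  x{n}")
    print(f"stray test packets: {len(stray)}, entries from other sources: {len(other)}")
```

Any `pass` entry from the test box is a port the firewall let through from outside, and a non-empty stray list means the test box talked to something other than the firewall.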
  15. nobiscuit

    nobiscuit Guest

    >> I'm being thick here. If the firewall and the cracking box share a
    >> connection via a switch, can I just give the cracking box a random IP
    >> address?

    >
    >Yes. Pick a China IP from your firewall log. :)
    >Make sure it is not a public ip like a business or college.
    >
    >Pick an IP address, you are not supposed to be chatting with anyone but
    >your firewall. Gateway can be the current one firewall is using or
    >munge the China IP+1.
    >
    >What you do not want to do is send any attempt to a broadcast address
    >or anywhere but the known ip address of your Firewall Box.
    >
    >I am guessing, if you ping the cracker box from the firewall box,
    >the SWITCH, not a HUB, should remember and only route between the two
    >as long as you are hitting only the firewall box. I would unplug the
    >WAN cable from switch until cracker/firewall can talk at each other.


    Awesome. Thanks for the info! I'll try it when I get home from work.
    :)

    >> Currently we are a Mac/OpenBSD only household so we have the benefit of
    >> being a small target, virus/malwarewise. That's probably going to
    >> change though.

    >
    >Not M$ I hope. :(


    Doh. I miscommunicated. What I meant was that although OSX is
    currently, as far as I know, virus/malware free, it is only a matter
    of time before someone writes a successful exploit. I love my Mac and
    my wife would hurt me if I tried to take away hers. :p

    >The wife has to take a bath, use a crossover to attack the system
    >during that time. Shoot, you can let nmap run overnight, swap cables
    >back when you get up. Review the logs later.


    Good idea. :)

    Thanks again!
     
    nobiscuit, Aug 17, 2005
    #15
  16. nobiscuit

    Winged Guest

    nobiscuit wrote:
    > Doh. I miscommunicated. What I meant was that although OSX is
    > currently, as far as I know, virus/malware free, it is only a matter
    > of time before someone writes a successful exploit. I love my Mac and
    > my wife would hurt me if I tried to take away hers. :p
    >
    >

    Well, while we are on the Mac subject... make sure you get the new OSX updates
    to fix the security issues...
    Winged
     
    Winged, Aug 18, 2005
    #16
