I am writing on a paper on firewall testing and penetration.
I attach my outline (subject to change as always :) ) at the
end of this message.
One of the subject in the paper will be what Security Policies
have to include and what not. For this I would be grateful if
you could point me to good existing security policies and/or to
sources how to formulate them.
Another part will contain how to test/penetrate firewalls. There,
I am still looking for additional information, mainly about the dangers
of open services (proxies).
I dont expect that you solve my problems (well, if you would insist.... :) )
but a few hints would be appreciated that I dont get lost in the
theoretical details.
greetings and TIA
Reto
--------------------------------------------------------------------------------
Penetration/Testing of Firewalls
1. Security policies
- what they should contain
- what they should not contain
2. Gaining information on the target Network/Host/Firewall
- probing techniques
- tools
3. Firewall penetration in general
- overload
- bad packets
- packet filter approach (IP spoofing..)
- approach to proxy's
4. Policy decisions and its consequences
(possible attachks in relation to open services)
- e-mail
- ftp
- telnet
- rexec
- NNTP
- http
- finger/whois
- DNS
- NW management services
SNMP
RIP
ping
traceroute
- NTP
- NFS
5. Security incidents
- responding to an incident
- tracking down an intruder
- policy issues when an incident occured
_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
Reto E. Haeni
Cyberspace Policy Institute The George Washington University
2033 K Str. NW Suite 340N School of Engineering and Applied Science
Washington DC 20006
ph (202) 994-5512 (We, Th)
http://www.cpi.seas.gwu.edu/
reto @
seas .
gwu .
edu http://www.seas.gwu.edu/student/reto/
_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
Follow-Ups:
|
|
