Thread: T1 or slackware server? where to first?

  1. #1
    J_dillinger (Just burned his ISO), Join Date: Jun 2008, Posts: 9

    T1 or slackware server? where to first?

    I have been given the opportunity to do my first pen test on an active web server or T1 port.

    The targets of the test are a Cisco DSU/CSU T1 router or a Slackware 12.2 web server running iptables for a firewall allowing only port 80 for the web documents and port 22 for ssh to communicate...

    After doing the initial footprint I think the router will only allow internal access to configure it. From there I mapped the open ports on the Slackware server to find 80 and 22 open. At this point I'm at a loss where to go next? It seems as if the iptables are preventing communication with the server. Can I spoof them with something as simple as MAC changer?

  2. #2
    lupin (Super Moderator), Join Date: Jan 2010, Posts: 2,943

    Originally posted by J_dillinger:
    I have been given the opportunity to do my first pen test on an active web server or T1 port.

    The targets of the test are a Cisco DSU/CSU T1 router or a Slackware 12.2 web server running iptables for a firewall allowing only port 80 for the web documents and port 22 for ssh to communicate...

    After doing the initial footprint I think the router will only allow internal access to configure it. From there I mapped the open ports on the Slackware server to find 80 and 22 open. At this point I'm at a loss where to go next? It seems as if the iptables are preventing communication with the server. Can I spoof them with something as simple as MAC changer?

    I assume your client knows that you are basically doing this test for practice and is aware of the potential risk from getting a security assessment from inexperienced personnel? It's unlikely that the client themselves will be getting full value out of the test if you have never performed one before and don't know how they should be done. It could even be detrimental to them if you end up breaking something because you haven't tested your methods appropriately.

    As for what to do next, it depends on the scope of the test (allowed target hosts and methods) and the objective of the test. Check out the OSSTMM and OWASP testing guide to get more ideas. It's a good idea to read these not just for technical ideas of what to do next, but also to give you an idea of the proper way a test is conducted including Scoping, Permission Memos and Rules of Engagement.

    Before you do anything else make sure you have legal permission and that you know the potential impact of the tools and techniques you use (e.g. test them beforehand in an isolated lab).

  3. #3
    J_dillinger (Just burned his ISO), Join Date: Jun 2008, Posts: 9

    No problem I can fix it...

    It is our own server - essentially a non-production web server we built. There is no essential data on it and since I built it I can fix it if I break it. I have spoken with the senior admin when I'm working and we decided that this server would be a perfect one to experiment on.
