Re: [Newbie] Info about ISP Gateways

From: David Swafford (dswafford@alterhighschool.org)
Date: Thu Mar 15 2007 - 07:38:52 EST

• Next message: David Swafford: "Re: [Newbie] Info about ISP Gateways"
• Previous message: Zed Qyves: "Oracle Application Server 10g question"
• In reply to: Gerrit @ DeadSet Internet Technologies: "[Newbie] Info about ISP Gateways"
• Next in thread: David Swafford: "Re: [Newbie] Info about ISP Gateways"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi GJK, welcome to the pen-testing list.

Regarding the private networks, this is just means that they are just a
bunch of VLANs with subnets. The ISP gateway (not on the customer
premise but at the central office or nearest neighborhood DSL pod)
itself would just forward traffic normally, usually an ISP's upstream
gateway does little or no filtering in regards to security so your
methods of testing from your DSL connection into another DSL connection
should be unaffected by how the ISP has chosen to structure the network.
 

Since you mentioned being a newbie, I feel that it is a good that I
mention this: make sure that you have a written contract detailing your
tasks and the scope of the project. Even testing a simple DSL
connection for a small business can become a problem if the contract is
not done properly or not at all, remember to not overlook this vital
step in the process.

David.
CCNA, CEH, Security+, Network+

>>> "Gerrit @ DeadSet Internet Technologies" <info@deadset-tech.com>
3/14/2007 6:52 am >>>
Hi

I am new to this Pen-Testing idea, just finished the CEH course but
that only showed how much I actually need to learn.

Problem number one:
I am on a Wireless/ADSL line, the ISP divided all the Wireless
customer into separate "private" networks that then go through a
gateway. To to vulnerability tests on customers on my same network
from my office is a breeze, but to do it on the other networks will
be a problem. Does that mean I need to "break" through the ISP's
gateway first in order to reach the other "private" networks?

Problem number two:
Should I need to "break" through the gateway of the ISP to reach
these customers then I guess the ISP might not be very happy about
it, right? So what way is there around that?

Thanks
GJK

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW

------------------------------------------------------------------------

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

• Next message: David Swafford: "Re: [Newbie] Info about ISP Gateways"
• Previous message: Zed Qyves: "Oracle Application Server 10g question"
• In reply to: Gerrit @ DeadSet Internet Technologies: "[Newbie] Info about ISP Gateways"
• Next in thread: David Swafford: "Re: [Newbie] Info about ISP Gateways"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:40 EDT