From: ganesh mahadevan (ganesh.was.mahadevan@gmail.com)
Date: Thu Aug 16 2007 - 01:07:52 EDT
Hi,
I need some guidance. I am carrying out a pen test of a network
interconnect setup. The scenario is this:
An internal network is connected to an external network through
serial to Ethernet converters and two relays (one on the outward
facing side is normally open and one on the inward facing side is
normally closed). There is an intermediate server between these two
relays. These relays close and open for a certain period of time
depending on a pearl script running on the internal gateway. This
intermediate server is connected to the gateways of both networks
through the serial to Ethernet converters. The user logs into the
outward facing gateway, sends data in a particular format. This is
sent further through the relays and the serial to Ethernet converter
to the intermediate server. The intermediate server does input
validation and accepts data only if it meets this criteria. Once the
relay on the inner side closes (and the relay on the outer side
opens), this data is then sent further onto the internal network.
I hope this description is clear. I need some pointers on how to
pentest this setup and what could be the potential pitfalls in this
setup. Any help would be welcome and appreciated.
Thanks
Ganesh
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:02 EDT