RE: Designing Network Security

From: Erin Carroll (amoeba@amoebazone.com)
Date: Fri Jan 06 2006 - 13:44:51 EST


This probably isn't the best place to get information on network design and
planning but we *can* discuss what topologies or technologies we've seen
work well from our pen-testing experience. Pen-testers have a unique view of
network design since we are the ones who actually test the stuff out there
in the real world. Well list?

For instance, I have a personal bias against Cisco PIX firewalls and MS IIS
web servers since a large majority of the ones I've run across doing
pen-tests have been misconfigured and full of holes. I'm not saying that the
products can't be locked down and effective, just that it's not what I
normally find in the real world.

--
Erin Carroll
Moderator
SecurityFocus pen-test list
"Do Not Taunt Happy-Fun Ball" 
 
> -----Original Message-----
> From: kaushik [mailto:kaushik.mamania@dg2l.com] 
> Sent: Thursday, January 05, 2006 10:44 PM
> To: pen-test@securityfocus.com
> Subject: Designing Network Security
> 
> Hello List,
> 
> Maybe this is not the right list to post to. Since we need to 
> protect ourselves from crackers and malicious traffic, I am taking 
> the liberty to post here.
> 
> We need to redesign the network. We need to place a web 
> server, mail server, VOIP server within the DMZ and also put 
> an IDS in place.
> 
> How should one go about designing the same?
> 
> Have to concentrate on protecting the Intellectual Property 
> as well since we are an R&D center.
> Will need some good policies for the same.
> 
> Can someone direct me to good online resources in the vast 
> sea available?
> 
> Warm Regards
> Kaushik
> 


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:19 EDT