Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Testing it all
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Testing it all - 30.Nov.2004 8:24:00 PM
|
|
|
cyskon
Posts: 6
Joined: 16.Nov.2004
From: Jamaica
Status: offline
|
Okay, so now you have your ISA2004 server installed, configured, and running. How do you test it from the outside?
For me its easy to test it from the inside, by trying to do things that I have set policies to prevent and watch as it prevents it from working. Nice.
Now how do I behave like the casual intruder who is trying to gain access to my network? How do I "attack" ISA from the outside and see the results.
While I know it would be "risky" writing an article like that, I believe that's what's needed. How are you sure its stopping what it should stop? How are you sure it will send you an alert when x number of ports is scanned in x time period?
How do you know how it will react when a port scanner or brute force is applied to.
Or just simply testing to see what it does, how do we go about doing that?
It may sound like a "newbie" question, but those who do not dabble in the "hacker" world - whether good or bad - will not have a clue.
|
|
|
|
|
RE: Testing it all - 1.Dec.2004 1:01:00 PM
|
|
|
tshinder
Posts: 47659
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Cyskon,
Some choices:
1. Learn how to be a hacker. There are a ton of resources on the Internet on how to do this (unfortunately)
2. Do what companies do -- hire a penetration testing company. We've done this, and no one gets past a properly configured ISA firewall
BTW -- no one ever got past a properly configured 2000 ISA firewall either!
HTH,
Tom
|
|
|
|
|
RE: Testing it all - 1.Dec.2004 5:35:00 PM
|
|
|
KyleKartan
Posts: 47
Joined: 21.Oct.2003
From: New Hampshire
Status: offline
|
Another easy way to test would be a simple network security scanning software.
I've used GFI Languard, its free, and pretty simple to use.
www.languard.com
If you're more serious about it, definatly take Toms' advice and hire a proper consultant.
|
|
|
|
|
RE: Testing it all - 2.Dec.2004 9:29:00 AM
|
|
|
penrose.l@2college.nl
Posts: 474
Joined: 29.Jan.2004
From: Netherlands
Status: offline
|
FYI :
hackers don't target your ISA.
They target vulnerable servers inside your network ( HTTP i.e. ) and then attack your ISA from inside.
So testing from inside is as important.
Kind regards,
LexP .
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
