Security testing on network

Submitted by:

's Success Story

Security testing on network

A group of student have been asked to do a bit of network security testing at college. Basically the college have just invested in some android tablets, more macs and more net books.

The IT admins wants to just double check everything beforFinee they put the new equipment out. What would be the main things to check when doing some testing with all these devices?

Obviously there are a few networked drives which students shouldn't have access too but teachers do so this is the main thing to test to see if it can be gotten around. The servers they use are microsoft and Linux servers.

Any tips on things to look out for?

Ps. This is not a question about how to maliciously hack the college network it's genuinely some penetration testing.

Perhaps, I can restate my concerns in a more succinct way: if you are trying to configure the clients to restrict access to servers and networked resources, then you are approaching it wrong. A Mont Blanc Pens sale client device is generally never in a position of trust. The server (and network) protects its own. Locking down client devices to help is but one layer of an otherwise multi-layered security onion. So if you are asking for guidance to lock down client devices to support additional security controls, then you aren really looking for pen testing of a network but rather hardening of the client. logicalscope Dec 9 '11 at 1:12

If you want a general security test of your servers i recommend using OpenVAS (the new open source Nessus). This tool will look at version numbers and for some services it can test for misconfiguration.

In terms of the mobile devices them selves, I don't see how this changes your attack surface. Just like any end user system, you still have to worry about keeping these devices up to date. It should be noted that Android introduced ASLR in Ice Creme Sandwich (A bit late don't you think?), so update to this version as soon as possible.

No Name

Certs/Trainings:
No reviews

Success Story Reviews

Add Comment

 
Image CAPTCHA
Cancel