HostedDB - Dedicated UNIX Servers
index_200
Router Security Configuration Guide UNCLASSIFIED 200 UNCLASSIFIED Version 1.0g This vulnerability can be tested by sending a UDP packet to the router’s port 514. However, if the router is running a vulnerable version of the IOS software and the access list is not properly configured or not applied, the router will crash or hang! As mentioned above, running DoS attack scripts against the router can have very serious and undesirable consequences.  If, after careful consideration, planning and coordination, the decision is made to go forward with this testing, the attack scripts are readily available from many sources on the internet.  At the time of this writing, Packetstorm Security has several DoS exploits, available  under http://packetstorm.securify.com/exploits/DoS/ and http://packetstorm.securify.com/spoof/.   Other useful sites for exploit information and code are listed at the end of this section. 6.3.3.    Mechanisms for Automated Testing There are a number of products available to automate the testing process.  CyberCop Scanner from Network Associates and Internet Scanner from ISS are two popular commercial products. The Security Administrator’s Integrated Network Tool (SAINT) and the Security Administrator Tool for Analyzing Networks (SATAN) are publicly available tools. WARNING: RUNNING AUTOMATED ATTACK TOOLS ENTAILS SIGNIFICANT RISK! It is easy to accidentally auto-scan more systems than you intended, or to touch systems for which you have no legal author ity.  Exercise caution when using tools like CyperCop, SAINT, or SATAN; always double -check the addresses to be scanned, and monitor the tools closely while they are operating. CyberCop Scanner performs comprehensive evaluations of intranets, web servers, firewalls and screening routers by scanning them and performing extensive tests to identify known vulnerabilities.  CyberCop generates reports from scan results that include information about detected vulnerabilities: a description of the vulnerability, security concerns, level of risk and suggestions for fixing/mitigating the vulnerability.  CyberCop offers monthly updates consisting of new modules and security hotfixes for new and evolving vulnerabilities.  For more information, visit: http://www.nai.com/asp_set/solutions/activesecurity/acts_produ cts.asp   Internet Scanner is also a network vulnerability analysis and risk assessment product. Internet Scanner probes the network’s communication services, operating systems, key applications and routers for those vulnerabilities frequently used by malicious users to investigate and attack networks.  Internet Scanner includes nearly 600 total tests, and updates containing the latest tests and security checks are available for download daily.  Internet Scanner ana lyzes the scan data and provides reports containing vulnerabilities identified along with recommended corrective actions.  The latest version of Internet Scanner (6.01) now contains tests to find hosts infected by