From: Erin Carroll (amoeba@amoebazone.com)
Date: Fri Jan 06 2006 - 13:44:51 EST
This probably isn't the best place to get information on network design and
planning but we *can* discuss what topologies or technologies we've seen
work well from our pen-testing experience. Pen-testers have a unique view of
network design since we are the ones who actually test the stuff out there
in the real world. Well list?
For instance, I have a personal bias against Cisco PIX firewalls and MS ISS
web servers since a large majority of the ones I've run across doing
pen-tests have been misconfigured and full of holes. I'm not saying that the
products can't be locked down and effective, just that it's not what I
normally find in the real world.
-- Erin Carroll Moderator SecurityFocus pen-test list "Do Not Taunt Happy-Fun Ball" > -----Original Message----- > From: kaushik [mailto:kaushik.mamania@dg2l.com] > Sent: Thursday, January 05, 2006 10:44 PM > To: pen-test@securityfocus.com > Subject: Designing Network Security > > Hello List, > > May be this is not the right list to post. Since we need to > protect ourselves from crackers, malicious traffic am taking > the liberty to post here. > > We need to redesign the network. We need to place a web > server, mail server , VOIP server within the DMZ and also put > an IDS in place. > > How should one go about designing the same. > > Have to concentrate on protecting the Intellectual Property > as well since we are a R&D center. > Will need some good policies for the same. > > Can some one direct me to good online resources in the vast > sea available. > > Warm Regards > Kaushik > > -- > This message has been scanned for viruses and dangerous > content by MailScanner, and is believed to be clean. > > > -------------------------------------------------------------- > ---------------- > Audit your website security with Acunetix Web Vulnerability Scanner: > > Hackers are concentrating their efforts on attacking > applications on your > website. Up to 75% of cyber attacks are launched on shopping > carts, forms, > login pages, dynamic content etc. Firewalls, SSL and > locked-down servers are > futile against web application hacking. Check your website > for vulnerabilities > to SQL injection, Cross site scripting and other web attacks > before hackers do! > Download Trial at: > > http://www.securityfocus.com/sponsor/pen-test_050831 > -------------------------------------------------------------- > ----------------- > > -- > No virus found in this incoming message. > Checked by AVG Free Edition. > Version: 7.1.371 / Virus Database: 267.14.14/222 - Release > Date: 1/5/2006 > > -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.14.14/222 - Release Date: 1/5/2006 ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:19 EDT