Filed under: Exploits, Penetration Testing, Security Articles
posted by D1m on 17 Mar 2007 05:15 pm
Pen-Test Paper: How An Internal Network Becomes External
My friend SuRGeoN from Greece wrote a very interesting pen-test paper which explains how easy is to convert an internal network into an external with the port redirection technique. He demonstrates the attack scenarios – including network architecture diagrams – and goes into great technical details about them.
Furthermore, here are the steps which the attacker would follow:
1. Information gathering for the external network
2. Seeking for vulnerabilities & misconfigurations
3. Using flaws to get a shell
4. Information gathering for the internal network
5. Escalating privileges for the internal network
6. Converting internal network to external
Download SuRGeoN’s paper from here: [ srgn-pentest-01.pdf ]
This information is provided to you ONLY for educational purposes. The way that the information in this paper will be used, depends on the individual’s legal and ethical attitudes. YOUR choice!… YOUR risk!…
Comments on the paper are of course welcome. You can also contact SuRGeoN via e-mail: surgeony/\gmail.com (replace /\ with @).