Im doing a graduation project for my senios year, and I decided on auditing the network security of a local ISP. I know little to nothing on where to start and what all I should use and test. Any help would be appricated. Thanks.
Printable View
Im doing a graduation project for my senios year, and I decided on auditing the network security of a local ISP. I know little to nothing on where to start and what all I should use and test. Any help would be appricated. Thanks.
If this IS a graduation project, then why are you picking a subject you know nothing about?
Even if you complete/submit a paper on this, your teacher/professor has more than enough experience with students and will see you don't know anything about this at all, even if you plaugerize someone's elses work.
I recommend staying within the boundaries you know best, because trying to audit the network security of a local ISP will be both hard and could cause you to lose your ISP access.
Did the local ISP give you permission to audit there network? My guess would be NO. Simply because, most ISPs have an outside resource monitoring there network. Like the ISP I work for we have NOC and a few other ones that audit, troubleshoot secure our ISP's network. Do you have any information on the local ISP? If so, we need this information in order to recommend software and other useful information.Quote:
Im doing a graduation project for my senios year, and I decided on auditing the network security of a local ISP. I know little to nothing on where to start and what all I should use and test. Any help would be appricated. Thanks.
Well, first off. We are REQUIRED to pick something we know little to nothing about. They want to us to learn something new and get experience in a field we are interested in.
Second, YES...I have permission from the ISP...considering I WORK THERE. Now...anyone willing to actually help with some ideas? Thanks in advance.
One of the things you want to look into is pen testing:
http://www.google.com/search?sourcei...:en&q=pen+test
I gave you Google link as opposed to individual link so that you can see the vast array of information out there on it. That first site, Security Focus, is a good place to start.
If your ISP is running a MS Solutions environment then check this place out thoroughly:
http://www.microsoft.com/technet/security/default.mspx
Google the following:-
NMap
Read the manual
Perform the scans
Determine the Operating Systems and services available
Determine the version number of the software running the services
(the above can be done by googling something like "Determine version <program> remotely"
Search somewhere like secunia for exploits against the version
DO NOT attempt the exploit.
Write your report, (google for acceptable network audit report formats), and get yourself an A....
:cool:
That should be more than enough to satisfy your prof.... He might learn something too..... ;)
Were all willing to help. In order for US to HELP YOU you have to give us information on the ISP. Every network and ISP is different. Tiger shark gave you useful information.Quote:
anyone willing to actually help with some ideas? Thanks in advance.
http://icat.nist.gov/icat.cfm
http://www.cve.mitre.org/
http://www.cert.org/
http://csrc.nist.gov
http://securityfocus.org/
:cool:
Thank you CuseMMA, TigerShark, and Computernerd22. I was thinking not only of doing pen testing but social engineering as well. Basically an entire overview of the security of the company. Its a small ISP. Only about 20 computers on the network. But also contains many servers, routers, and the like, wireless and otherwise. Thanks for the help though, Ill look into those links. Any ideas for some sites offering good online courses in that area?
Have a look at this
http://www.isecom.org/osstmm/
My piece of advice would be don't assume you're allowed to audit their network just because you work there. Some of the penetration testing tools can break stuff and might cause some problems. If you haven't already I would ask management if doing this project is acceptable. You might have already done this, but I just figure if you don't know much about this area you might have overlooked this.Quote:
Originally posted here by Limpster
Second, YES...I have permission from the ISP...considering I WORK THERE. Now...anyone willing to actually help with some ideas? Thanks in advance.
Make sure you get permission first, but nessus is a very good overall testing tool and provides many different options. On top of that its freeware.
Get the permission in writing too (including what you are and aren't allowed to do). If you accidently break something they won't be able to blame it on you.. Unless you did something they didn't allow... That's why you need it in writing. That way they can't change their minds when something goes wrong (intentionally or not).
Thanks for your concern, but I have asked and I am allowed.
Sorry this is late, I just signed up to the site today.
If you're still looking to do some network security auditing (my favorite part of my job) you probably want to take a look at running Nessus. You can download it for free from.
www.nessus.org
There is a tutorial on the site for how to use it. It requires no more than a Linux machine and the most basic comprehension of networking to get working.
If you couple Nessus, Nmap, Ethereal (all open-source programs) you have the ability to completely map out and test a network for security weakness on a system by system basis.
Coming from a Cisco background I'd suggest you look into the security on your perimeter routers because they have to pass huge amount of traffic through with little or no packet inspection, but they also have to maintain a level of security on the traffic coming through them. The configuration on them or on your company's firewall would be a good start for background. No reason to re-invent the wheel.