Hacking Exposed Cisco Networks: Cisco Security Secrets & Solutions

LAYERS 57

1. Higher Layers Security Protocols Testing

Assessing SSH implementation, ciphers used, and vulnerabilities

Assessing SSL/TLS implementation, ciphers used, and vulnerabilities

Assessing security of higher layers VPN implementations , such as cIPe

Assessing the implementation and security of the Kerberos protocol

Assessing the vulnerabilities of higher layers security protocols to man-in-the-middle/ session hijacking attacks

2. Higher Layers Traffic Filtering Testing

Assessing session-based stateful filtering in certain firewallsfor example, Cisco PIX

Assessing the security features of proxies and proxy firewalls

Assessing ingress and egress content filtering

Assessing NAT-unfriendly protocols (active FTP, H.323, and so on) forwarding

Assessing SPAM filtering implementation behavior/efficiency

Assessing centralized virus filtering efficiency

3. Inbuilt Device IDS Features

Assessing the efficiency of the inbuilt device IDS against current common hacking attacks and malware

Assessing IDS/traffic filtering integration

Assessing local and remote attack logging quality

Assessing remote logging methods , authentication, and encryption

4. Syslog Security

Assessing support of remote distributed logging and logging over TCP

Assessing the compatibility with common syslog servers

Assessing the local syslog daemon vulnerability to various DoS/log buffer filling attacks

5. Management Interface Security

Assessing the security of management web interface

Assessing the security of SNMP management and SNMP implementation

Assessing the security of remote SSH, RSH, and Telnet device management

Assessing the security of configuration files/OS upload and download facilities (FTP, TFTP, RCP)

6. NTP Security

Assessing NTP authentication and checking NTP updates

7. DNS Security

Assessing DNS zone transfers and zone spoofing vulnerabilities

Assessing DNS traffic forwarding

Assessing secure DNS (SDNS) implementations

Категории