Response | Assessments

• Three parts

  • External: access from internet
  • Dial-in: find modems inside the firewall
  • Internal: done on-site, connected to the LAN

• External (aka perimeter check, external IP assessment, network assessment)

  • Reconnaissance (discovery)
    • What the external hacker sees
      • What devices are visible
      • What ports are open
      • What services are accessible
    • Techniques
      • Public information, e.g. WHOIS DB... ISP info for hosted web sites
      • ICMP sweeps, e.g. Ping
      • Port scans