Results 1 to 3 of 3

Thread: pentesting an ISP infra. Share/Save - My123World.Com!

  1. #1

    pentesting an ISP infra.

    Hello everybody.
    if you are in a ISP network, and wants to perform a pentesting operation what is your steps?
    you have assets like : DSLAMs, bras, ibs , cache , too maney routers, DNS and something like this.

  2. #2
    first you have to split the whole isp services from beginning to the end , not just test the netowrk !

    1-networks [ routers with all services and all attack modes, like bruteforce , any public/private exploit or DOS/DDOS Attack , quality of network and bandwidth , sometimes caches and high availabilities of servers and etc ]
    2-users panel [ sometimes users have a panel [web base] to manage /recharge and monitoring of network usage and etc which you have to pentest against any attacks and take care of user info won't to be leak ]
    3-users limitation [ access of users to others users (ex: if they have valid ip and what if other user grab other user password and want to use hacked account and control mac filtering and etc ) and block icmp tunneling and etc ]
    4-admin panels and services [ pentest admin panel and secure there ex: some isp use ibsng and ... to control users and it have some vuln , it could be web base panel or anything on any operation system , so you have to analysis all you have and then start for pentest] and by the way usually isp have site and it might be secure too

    all services i told you have much sub-services/os/ and way to attack , as i said again , in first step you have to see what's all of you have there , and then pentest all of them step by step

  3. #3
    thanks really! so much
    after this, is there any threat around routing protocols and any tunnels between PAP centers which placed in telecoms?
    these are so big in scale & complex.
    assume, you are sit in ISP and can have access to all edge/core switch router, is yersinia good?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts