.

Vulscan/Pentest over WAN - ISP issues?

<<

carbonated

Newbie
Newbie

Posts: 2

Joined: Fri Oct 26, 2012 2:24 pm

Post Sun Oct 28, 2012 4:35 pm

Vulscan/Pentest over WAN - ISP issues?

Hi there,

I received a request from a colleague to run some vulnerability scans on a public-facing box he's about to go live with. He is 100% willing to write me a formal letter of request to perform the scans, and specify the extent of the testing authorized. However, I'm wondering what the best practice is when doing this over from residential ISP. Are there friendly cloud/VPS providers you'd suggest? Is this type of thing allowed by ISPs without violating the ToS? My fear is that I'll start some basic scanning and have my internet access shut off, and have it take a while to sort out by presenting the proper authorization documents to the ISP. Any help is appreciated!
Last edited by carbonated on Sun Oct 28, 2012 4:41 pm, edited 1 time in total.
<<

m0wgli

User avatar

Sr. Member
Sr. Member

Posts: 308

Joined: Fri Jul 20, 2012 3:34 pm

Post Sun Oct 28, 2012 4:58 pm

Re: Vulscan/Pentest over WAN - ISP issues?

Once you have obtained written permission from the explicit owner of the box, consult with your ISP. Ultimately, they are the only ones who will be able to tell you if you are violating their ToS.
Security + | OSWP | eCPPT (Silver & Gold) | CSTA
<<

MrTuxracer

User avatar

Newbie
Newbie

Posts: 47

Joined: Fri Dec 30, 2011 4:25 am

Location: Germany

Post Sun Oct 28, 2012 5:15 pm

Re: Vulscan/Pentest over WAN - ISP issues?

I agree with m0wgli. Most of the providers have a "compliance with all laws" part in their ToS which basically says that you have to take care of all applicable laws and regulations from the country of your provider and your country. So your best bet would be to ask your provider directly.
eCPPT, HP ASE (Networking), LPIC-1, OSCP, WCSP
http://www.rcesecurity.com
<<

carbonated

Newbie
Newbie

Posts: 2

Joined: Fri Oct 26, 2012 2:24 pm

Post Sun Oct 28, 2012 8:15 pm

Re: Vulscan/Pentest over WAN - ISP issues?

Thanks folks. I spoke with a representative with Time Warner Cable; he told me that this is NOT a violation of ToS and is "absolutely okay" as long as its done with consent, and isn't being done maliciously. He was even nice enough to email me a summary of our discussion "just in case."
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Mon Oct 29, 2012 12:14 am

Re: Vulscan/Pentest over WAN - ISP issues?

You might want to also check if they block any traffic on their residential connections (you may not get an entirely honest answer here though).

For example, an ISP may only allow 80 and 443 inbound for business accounts. Was a service not vulnerable to an exploit, or did your reverse shell fail because that traffic was silently blocked by your ISP?

If you don't want to go the business account route, check out http://www.arpnetworks.com/ for an affordable VPS.
The day you stop learning is the day you start becoming obsolete.
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Fri Nov 02, 2012 11:05 am

Re: Vulscan/Pentest over WAN - ISP issues?

I agree with the above comments.

You may also want to check VPSCOLO for cheap VPS options. I pay about $50/year with them. They didn't have any problem with me doing any sort of testing.
<<

tturner

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Thu Jun 26, 2008 4:50 pm

Post Fri Nov 02, 2012 1:24 pm

Re: Vulscan/Pentest over WAN - ISP issues?

ajohnson wrote:
If you don't want to go the business account route, check out http://www.arpnetworks.com/ for an affordable VPS.



I really am not a fan of VNC for any systems I am storing sensitive data on ... :(

I do like their prices though, am currently using https://www.linode.com/ 1024 w/backup now and that winds up running me about $15 more a month than arpnetworks. I've been very happy with their service but this discussion prompted me to look for some other cheaper options. I used the hackingmachines BT5 VPS for awhile and am technically still a customer but theres no management and its really expensive.
Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, GSSP-JAVA, OPSE, CSWAE, CSTP, VCP

WIP: Vendor WAF stuff

http://sentinel24.com/blog @tonylturner http://bsidesorlando.org
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Fri Nov 02, 2012 2:05 pm

Re: Vulscan/Pentest over WAN - ISP issues?

tturner wrote:I really am not a fan of VNC for any systems I am storing sensitive data on ... :(


Was that a typo for VPS, or are you referring to the VNC management? You can upload SSH keys over HTTPS and use VNC over an SSH tunnel.

Regarding VPSes in general, you can implement disk encryption, change root passwords, and implement any other control or hardening procedure. With that level of control, I don't see it being any less secure than collocating a server.

Also, aside from network-intensive activities like nmap scans, I primarily use it as a proxy. This is especially true for GUI tools like Burp that I'd rather run locally.
The day you stop learning is the day you start becoming obsolete.
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Sat Nov 03, 2012 12:44 pm

Re: Vulscan/Pentest over WAN - ISP issues?

tturner wrote:I do like their prices though, am currently using https://www.linode.com/ 1024 w/backup. ... I've been very happy with their service but this discussion prompted me to look for some other cheaper options.


I've got the same without back up. one thing I have been really impressed with is their security responses. I've had a few automated SSH Brute force attacks hit my server from other linode customers. They have been very prompt to respond.
OSWP, Sec+
<<

tturner

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Thu Jun 26, 2008 4:50 pm

Post Sat Nov 03, 2012 7:42 pm

Re: Vulscan/Pentest over WAN - ISP issues?

ajohnson wrote:
tturner wrote:I really am not a fan of VNC for any systems I am storing sensitive data on ... :(


Was that a typo for VPS, or are you referring to the VNC management? You can upload SSH keys over HTTPS and use VNC over an SSH tunnel.



Yeah I was referring to VNC for console access. Have not used their service so was not sure how much control you had over the console (assumed was shared) to lockdown VNC but not sure why they wouldn't use something like nxserver to shovel X11 over SSH. It's a much more secure config in my opinion. It's not free but neatx or freenx implement the GPL'd libraries from the commercial version and work just as well. I use FOSS nxserver versions (usually freenx) with the commercial client (also free) and find it to be a much better way to manage via GUI.
Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, GSSP-JAVA, OPSE, CSWAE, CSTP, VCP

WIP: Vendor WAF stuff

http://sentinel24.com/blog @tonylturner http://bsidesorlando.org
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Sat Nov 03, 2012 7:57 pm

Re: Vulscan/Pentest over WAN - ISP issues?

VNC is used for out-of-band management, so you can get into the BIOS, etc. As I mentioned before, you can tunnel that over SSH.

Whether you install the OS yourself, or go with one of their default builds, you can install whatever software you want and use that. You're not required to use VNC for remote administration.
The day you stop learning is the day you start becoming obsolete.

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software