SANS Penetration Testing: Category - Network Devices

Ever Crack a Password using a Cisco Device?*

[Editor's Note: Here's a short but sweet article by Tim Medin on using Cisco IOS's own capabilities for decoding Type 7 passwords. Now, you might think — "Why don't I just use one of the conversion websites on the Internet for decoding that?" Or, "I know a free downloadable hacker tool that does just that." … Continue reading Ever Crack a Password using a Cisco Device?*


Invasion of the Network Snatchers: Part 2

[Editor's Note: In this follow-up article, Tim Medin continues the discussion of pen testing network devices via the Simple Network Management Protocol (SNMP). He provides really helpful hints and tidbits throughout! Please check it out. -Ed.] By Tim Medin In our last episode, we attacked network gear via SNMP. We scanned for SNMP-accessible devices. … Continue reading Invasion of the Network Snatchers: Part 2


Invasion of the Network Snatchers: Part I

[Editor's Note: In this article, Tim Medin discusses methods for penetration testing network infrastructure components, specifically through the Simple Network Management Protocol (SNMP). Tim's tips below include a nice overview of SNMP, techniques for formulating highly useful lists of potential authentication credentials for SNMP, a description of how to use an Nmap NSE script for … Continue reading Invasion of the Network Snatchers: Part I