Network Auditing

Unanswered Question
Jan 15th, 2009
User Badges:

friends i have planned to audit a network which contains atleast 7 routers(bgp,QoS,OSPF and other features) with 25 switches(L3,HSRP,MCast etc)so how can i do my job i mean which softwares are required plus what services shoud i target.Please help me out

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Tshi M Thu, 01/15/2009 - 07:26
User Badges:
  • Silver, 250 points or more

CiscoWorks, Solarwinds, MRTG...just to name a few

John Blakley Thu, 01/15/2009 - 07:48
User Badges:
  • Purple, 4500 points or more

What type of auditing are you doing? Security audit or "make the network better" audit?


Danilo Dy Mon, 01/19/2009 - 03:43
User Badges:
  • Blue, 1500 points or more

If you are performng security audit, my recommendation is to use Nessus

Also remember the following;

- Use encrypted port for management (i.e. SSH, HTTPS)

- Shutdown ports not in use.

- Put descriptions on ports being use (i.e. wha they are used for, circuit # of wan ports if possible include the provider service desk number)

- Have an updated (complete) hardware/software inventory list (includes: models, serial numbers, maintenance contract, maintenance provider and contacts, maintenance contract duration and expiry/start dates)

- Network operation guide (for NOC).

- WAN line contracts (expiry/start dates, circuit numbers, provider contacts)

- Hosts permitted to access the devices (should be lesser, some I saw entire Class C network added in the VTY ACL - if I'm auditor this will fail audit)

- BGP should have password (specially multi-hop BGP)

- It is recommended to implement password security in OSPF (this can be complicated to some)

- VTP domain should have password.

- Switch ports not joining VTP domain should be protected "root guard"

- Physical cabling should have proper label (each end of the cable should be labeled as in you know where to plug them back if you unplug both ends)

- Equipment should be labeled front and back includign power cables (in case you call 24x7 operator to shutdown/power cycle a device, they will not make mistake which one to shutdown/power cycle)

- Any ACL for bogons should be checked and make sure up-to-date (some people put bogons ACL but never update it for years)

- It will be good also if there is a blackhole routes (depends on your network)


This Discussion