# Network Assessment

Auditing Network device configuration

Security Assessment:

* Which VPN services used
* What are the historical vulnerabilities
* Which team is responsible for that
* Is multi factor authentication enabled
* Is user ID/Machine ID trackable
* Is certificate based multifactor authentication enforced
* What are gaps observed
* Comments/Notes:

Map the Internal Network

Scan the Network for Live Hosts

Port-scan individual machines

 

Try to gain access using known vulnerabilities

Attempt to establish null sessions

Enumerate users/identify domains on the network

\[Sniff the network using Wireshark

Sniff POP3/FTP/Telnet Passwords

\[ ] Attempt Replay Attacks

\[ ] Attempt ARP Poisoning

\[ ] Attempt MAC Flooding

\[ ] Conduct Man-In-The-Middle Attacks

\[ ] Attempt DNS Poisoning

\[ ] Try logging in to a console machine

\[ ] Boot the PC Using an Alternate OS and Steal the SAM File

\[ ] Bypass the OS to Obtain Information

\[ ] Attempt to plant a software keylogger to steal passwords.

\[ ] Attempt to plant a hardware keylogger to steal passwords.

\[ ] Attempt to plant spyware on the target machine

\[ ] Attempt to plant a Trojan on the target machine

\[ ] Attempt to bypass antivirus software installed on the target machine

\[ ] Attempt to send a virus using the target machine.

\[ ] Attempt to plant rootkits on the target machine

\[ ] Hide sensitive data on target machine

\[ ] Hide hacking tools and other data on target machines

\[ ] Use various steganography techniques to hide files on target machines.

\[ ] Escalate user privileges

\[ ] Capture POP3 Traffic

\[ ] Capture SMTP Traffic

\[ ] Capture IMAP E-mail traffic

\[ ] Capture the communications between FTP client and FTP Server

\[ ] Capture HTTP Traffic

\[ ] Capture RDP Traffic

\[ ] Capture VoIP Traffic

\[ ] Spoof the MAC Address

\[ ] Attempt Session Hijacking on telnet traffic.

\[ ] Attempt Session Hijacking on FTP

 traffic.

\[ ] Attempt Session Hijacking on HTTP traffic.

\[ ] Document Everything