
Given that there are N hosts on a given network being used for different purposes, should we place a machine for penetration testing or vulnerability scanning on the same LAN, or should we have that machine/host on a separate network and specifically whitelist its IP address on the firewall in between?

One reason for thinking about placing them on the same network is scanning speed, and the other is not triggering any tripwires between the scanning machine and the target host. Any other thoughts on why or why not?

Krishna Pandey

1 Answer


This really depends on the type of pentesting you're going to do. Are you trying to identify the vulnerabilities exposed to attacks coming from a machine in the same LAN? Then you put the pentesting host on the same LAN. Do you want to see if your public-facing webserver is secure vis-à-vis external attackers? Then do a pentest from the Internet. And so on.

In general, you should do a pentest in the most typical situation. If the scans trigger tripwires in any part of your network, that's important information, as you'll know that the IDS is working properly.

dr_
  • Yeah, your point is well taken, but the idea is to test the application functionality to the maximum, assuming that we don't have any perimeter defense mechanisms in place. In that case, should both the target and the attacker host be on separate VLANs? Any considerations regarding the traffic generated in this process (spidering/crawling/etc.) and its impact on other hosts in the target network? – Krishna Pandey Nov 05 '15 at 10:18
  • In this case it's fine if both are on the same subnet. Concerning the traffic generated during the pentesting, it's impossible to say without knowing the tools used in the audit, but it should mostly be limited to the subnet. – dr_ Nov 05 '15 at 12:57
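The answer makes the point that tripwires firing during an authorised scan are useful evidence rather than noise, and the comments raise the question of how much of the scanner's traffic reaches other hosts on the subnet. The following is an added example, not part of the question or answer, of the triage a defender might run over IDS alerts after such an engagement: alerts from the agreed scanner IP, inside the agreed time window and aimed at the agreed target subnet confirm the IDS is working; alerts from the scanner outside that scope are flagged for the engagement lead; everything else is handled as a normal alert. The alert line format, IP addresses, signature names and time window are all constructed for this example and do not correspond to any real IDS output.

```python
"""Triage IDS alerts raised during an authorised penetration test.

Assumption (constructed for this example): each alert line has the form
    <ISO-8601 timestamp> <src_ip> <dst_ip> <signature text>
Real IDS log formats differ and would need their own parser.
"""
from collections import Counter
from dataclasses import dataclass
from datetime import datetime
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Alert:
    ts: datetime
    src: str
    dst: str
    sig: str


def parse_alert(line: str) -> Alert:
    """Parse one constructed-format alert line into an Alert."""
    ts, src, dst, sig = line.split(maxsplit=3)
    return Alert(datetime.fromisoformat(ts), src, dst, sig)


def triage(lines, scanner_ip, target_net, window_start, window_end):
    """Sort alerts into three buckets.

    expected        - from the scanner, inside the window, at the target
                      subnet: evidence the IDS saw the authorised scan
    scope_violation - from the scanner, but outside the window or hitting
                      a host outside the agreed target subnet
    unrelated       - any other source: investigate as a normal alert
    """
    scanner = ip_address(scanner_ip)
    net = ip_network(target_net)
    buckets = {"expected": [], "scope_violation": [], "unrelated": []}
    for line in lines:
        alert = parse_alert(line)
        if ip_address(alert.src) != scanner:
            buckets["unrelated"].append(alert)
        elif window_start <= alert.ts <= window_end and ip_address(alert.dst) in net:
            buckets["expected"].append(alert)
        else:
            buckets["scope_violation"].append(alert)
    return buckets


def hosts_touched(alerts):
    """Count alerts per destination host, to see how far the scan spread."""
    return Counter(a.dst for a in alerts)


# Constructed engagement parameters: scanner sits on the same /24 as the targets.
SCANNER_IP = "10.0.1.50"
TARGET_NET = "10.0.1.0/24"
WINDOW_START = datetime(2015, 11, 5, 10, 0)
WINDOW_END = datetime(2015, 11, 5, 12, 0)

# Constructed alert lines; signature names are illustrative only.
SAMPLE_ALERTS = [
    "2015-11-05T10:20:01 10.0.1.50 10.0.1.20 SCAN TCP SYN sweep",
    "2015-11-05T10:20:05 10.0.1.50 10.0.1.21 SCAN TCP SYN sweep",
    "2015-11-05T10:21:10 10.0.1.50 10.0.1.20 WEB SQL injection attempt",
    "2015-11-05T10:25:00 10.0.1.50 10.0.2.7 SCAN TCP SYN sweep",    # outside target subnet
    "2015-11-05T13:00:00 10.0.1.50 10.0.1.20 SCAN TCP SYN sweep",   # outside agreed window
    "2015-11-05T10:22:30 192.0.2.44 10.0.1.20 SCAN TCP SYN sweep",  # not the scanner
]


def report(buckets):
    """Return a compact summary suitable for the engagement debrief."""
    return {
        "ids_saw_authorised_scan": len(buckets["expected"]) > 0,
        "expected": len(buckets["expected"]),
        "scope_violation": len(buckets["scope_violation"]),
        "unrelated": len(buckets["unrelated"]),
        "hosts_touched": dict(hosts_touched(buckets["expected"])),
    }


if __name__ == "__main__":
    result = triage(SAMPLE_ALERTS, SCANNER_IP, TARGET_NET, WINDOW_START, WINDOW_END)
    for name, alerts in result.items():
        print(f"{name}: {len(alerts)}")
        for a in alerts:
            print(f"  {a.ts.isoformat()} {a.src} -> {a.dst}  {a.sig}")
    print(report(result))
```

The scope check is deliberately strict: an alert from the scanner that lands outside the agreed subnet or window is not silently discarded, because it is exactly the kind of spill-over onto other hosts the comments ask about, and it belongs in the engagement record.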