Firewalls and IDS/IPS appliances are part of a secure network, but in this article we’ll look briefly at the placement and functional value of each device. As you venture through the details, keep in mind that securing a network is a holistic process; breaking into a network, on the other hand, is a focused process. Consider it akin to building a dam. As the engineer of a dam, you must consider the integrity of the entire structure and plan accordingly. If you are looking to sabotage the dam, then all it takes is just one little poke in the right place and it all comes flooding down. The same is true with network security.
Figure 1 is a basic setup you’ll run into in nearly every household setup today. Of course this isn’t necessarily the enterprise-level network you’ll be attacking, but this basic layout still encompasses the ingredients of the vulnerable points of larger layouts. The purpose of including this design is to give you an idea of how closely it relates to our larger network.
Figure 1 Residential network setup
Now that we’ve pushed past the basic vulnerabilities of our homegrown residential wireless setup, let’s dive right into a full-blown enterprise example. The enterprise environment we’ll be tasked with pen testing is similar to the one in Figure 2.
F i g u r e 2 Typical enterprise network
As you can see, there are layers of protection to keep unauthorized visitors from perusing the internal network. A layered defense applies multiple levels (layers) of defensive road-blocks in hopes a hacker will get stuck midstream. Not all organizations have the funds to install such a solution, nor do they have personnel on hand properly trained to stay up to date and configure the protective appliances properly. A $10,000 firewall is only as good as the administrator maintaining it. Additionally, as ethical hackers we can rely on a wonderful variable for vulnerability generation: our beloved users.