By the time you're contracted and you don't know what to audit and what to analyze, you're busted.
It's quite a simple process already, but it requires knowledge, which you don't get from a night of googlin'.
And still, it all depends on the size of the network you wanna audit. First you gotta know the price of the information the client is trying to protect. There's nothing which cannot be stolen by black hatters. But if a super-survey and a mega-spoof costs the hacker 40k USD, he won't do it for a piece of information worth 3k USD. Your job is to make a possible attack more expensive. Identify the weak spots over a network. Protect data flow. Keep services up-to-date. Keep clients restricted.

An example of misunderstanding: you have a file storage (Samba, e.g.) array, you keep it stripped, implement strong passwords, even encrypt data, firewall the server, IPS the server, and you know you have like 30 Windows 98 machines exposed and having read-write permissions to those files. That's bad already, isn't it? A more complex example: you're running a caching DNS server for some clients and you use a non-trusted DNS; for once you get your cache poisoned and all the user data is being phished.

If you wanna be a good auditor, you'd better do some research on past and present exploits on securityfocus/secunia/bugtraq, get a step into black business. 'Cause you can't fight an opponent whose weapon is a mystery to you.