DEFENSE SWITCHED NETWORK INFORMATION ASSURANCE ...
DEFENSE SWITCHED NETWORK INFORMATION ASSURANCE ...
DEFENSE SWITCHED NETWORK INFORMATION ASSURANCE ...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
• If the system supports lines, the following manual calls should be attempted:<br />
Analog to Analog, IP to IP, Analog to IP, and IP to Analog. Confirm that all test calls<br />
are completed and all IP handsets are identified.<br />
• Trunks allow a group of inlet switches or circuits to connect at the same time.<br />
The service provider can provide a lesser number of circuits than might otherwise be<br />
required, allowing many users to “share” a smaller number of connections and<br />
achieve capacity savings. If the system supports trunks, the following manual calls<br />
should be attempted: Analog over trunk and IP over trunk. Confirm that all test calls<br />
were completed.<br />
3. Discover Host<br />
Finding all the hosts in use by the system is the first step in the technical<br />
evaluation. Detecting all the possible hosts and their corresponding IP address<br />
information is required to begin any further technical evaluation.<br />
4. Conduct Ping Sweep<br />
A general ping sweep will determine what hosts are available via the Internet<br />
Control Message Protocol (ICMP). This is generally an ICMP echo request (type 8) to<br />
elicit an ICMP echo reply (type 0) from a host.<br />
5. Conduct Transmission Control Protocol (TCP) Sweep<br />
The TCP sweep provides insight into available hosts when ICMP is disabled. A<br />
TCP sweep will attempt to make TCP connections to a host range on a specified port<br />
list. The client will send a Synchronize (SYN) and, if the host is available on that port,<br />
the client will receive a SYN/Acknowledge (ACK) and respond with an ACK packet to<br />
the target host with a sequence number incremented by one.<br />
6. Perform Traffic Analysis<br />
Traffic Analysis allows the test team to determine all the hosts that are included<br />
within the solution under test.<br />
7. Perform Port Enumeration<br />
Port enumeration provides a list of services or applications that could be running<br />
on the host and gives the tester a good indication of what operating system might be<br />
present on the end-point. Port scanning of each host will provide a detailed list of which<br />
ports are open, closed, or filtered on a specified host. Conduct port scans using many<br />
different protocols, packet flags, and techniques. These different scans can yield<br />
different results in different situations, depending on the configurations and protections<br />
of each host. Additional Open Source Security Testing Methodology Manual strategies<br />
are in Appendix E.<br />
11