Next: Cost
Up: Firewall audit for Sun
Previous: Deliverables
The following items are required:
- superuser access to the firewall console including the root password.
(It should be changed for the duration of the system audit and
changed back again later)
- access to the network cabling and hub on the outside and on the inside
of the firewall.
- the right to plug up to two computers into these hubs, and temporary IP
addresses for these four possible computers
- if the network that the internal interface of firewall is connected to
has no live users on it, then additional access to a network that
does have real users on it.
- a detailed security policy
- a detailed network diagram including the public network (aka DMZ)
router, firewall, and the internal network. This diagram should
mention any other internal routers and WAN connections that may
exist.
- a liability waiver letter signed by a senior manager indicating that
it is understand that these tests may cause damage to internal
machines, cause loss of documents, and may disruption of the internal
network. Sample text can be found in an appendix.
It would be desirable for Ottawa Sun Publishing to provide two 486/66 (or
better) systems with relatively generic configurations, but including IDE or
SCSI CDROM, and for which the hard disk can be erased. These will be used as
hosts for the test scripts.
If necessary, Sandelman Software Works can provide these machines (at
additional cost), but can not leave the machines there to aid in resolving
any issues that may arise.
These machines are only needed on a temporary basis.
Next: Cost
Up: Firewall audit for Sun
Previous: Deliverables
Michael C. Richardson
1998-11-08