Network Security 45
Now that we’ve pushed past the basic vulnerabilities of our homegrown residential wire-
less setup, let’s dive right into a full-blown enterprise example. The enterprise environment
we’ll be tasked with pen testing is similar to the one in Figure 2.10.
vulnerability in an Enterprise
Even in the most secure facilities, there remains a risk of network security compromise
by rogue devices. This essentially creates a residential risk environment in an enterprise-
level network. Of course the stakes and the potential resource loss are much higher, but
the dynamic of the risk is the same. For example, when I worked as a network admin in
one of my federal positions we had the entire facility secured with key-carded doors, two-
factor authentication, and respectable perimeter building security. It took only a single
rogue wireless access point to reduce our entire network security effort to something
you could pull out of a box from Walmart. All joking aside, this is just one simple example
of the inadvertent, yet useful, vulnerability that is more common than you can imagine.
FigurE 2.10 Typical enterprise network
InternetDMZ Resources
(Web Servers)Internal DataBorder
RouterInternal
FirewallPerimeter
FirewallBorder
Router