SRX

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



Penetration Testing - Interpreting the Tester's Request

  • 1.  Penetration Testing - Interpreting the Tester's Request

    Posted 09-18-2021 20:09
    We are using the SRX340 as our primary security device.  We have engaged a 3rd party to do some parts of penetration testing.  They have asked for this:
    Email Social Engineering
    IMPORTANT NOTE: In order to ensure successful delivery of phishing emails, you must whitelist the below
    IP address on any content filtering, content monitoring, or SPAM filtering system(s) that your company
    utilizes. Improper or incomplete whitelisting of these IP addresses could result in incorrect or inaccurate
    test results.
    IP Addresses to Whitelist:
    xxx.xxx.xxx.xxx

    Now, we do have a whitelist for Web Filtering.  However, we have incomplete insight into what other mechanisms might be in use.
    For example, we know that WebFiltering uses undisclosable 3rd party lists that are dynamic.
    But this request isn't about blocking outgoing Web accesses. 
    So, I'm wondering about other things like incoming email filtering in this case.