Router Penetration Test Process/Checklist
- [ ] Identify the router hostname
- [ ] Port scan the router
- [ ] Identify the router operating system and its version
- [ ] Identify protocols running on the router.
- [ ] Test for packet leakage at the router
- [ ] Test for router misconfigurations.
- [ ] Test for VTY/TTY connections
- [ ] Test for router running modes.
- [ ] Test for the router's SNMP capabilities
- [ ] Test for TFTP connections
- [ ] Test if finger is running on the router
- [ ] Test for CDP running on the router.
- [ ] Test for NTP
- [ ] Test for access to router console port
- [ ] Test for loose and strict source routing
- [ ] Test for IP Spoofing
- [ ] Test for for IP Handling bugs
- [ ] Test for RIP.
- [ ] Test for ARP attacks
- [ ] Test for OSPF protocols.
- [ ] Test BGP.
- [ ] Test for EIGRP.
- [ ] Test for router denial-of-service attacks.
- [ ] Test for router's HTTP capabilities.
- [ ] Test HSRP attacks.
