Skip to content

Segmentation Test

The NodeZero Segmentation test scans the internal network for potential targets to run attacks against. This test does not run any attacks it just scans for IPs, ports, services and applications on the network.

Why should I run a NodeZero Segmentation Test?

There multiple reasons why the segmentation test would be used, here are three use cases where the segmentation test would be used:

  • Quicker test that provides results within the website to help familiarize the user to how results are reported
  • Provides a list of assets on the network at the time the test is ran
  • A tool for a new network where the user wants to see what NodeZero finds in the network before running tests that perform exploits.

How to Run a NodeZero Segmentation Test

Create a new Pentest

Open the NodeZero Portal and navigate to the Pentests tab.

Click + RUN PENTEST, then select the Operational Scenario Testing category.

Screenshot

Select Segmentation Testing to open the configuration for this pentest

Screenshot

Configure a Segmentation Test

There are three sections that can be filled out for this test

Selecting a Template and Name

Select a Template to be used for the test and give the test a Name

Screenshot

Set a Scope

The scope is the set of IPs and/or subnets (in CIDR notation) within which you want to run the test. This should be set to the network of interest

If you are unclear on CIDR notation, here is a reference and a calculator app to assist you:

If your environment uses 192.168.0.1 and the subnet mask is 255.255.255.0, then you’ll add the following to the Include section: 192.168.0.0/24

For properly segmented environments, use comma-separated CIDR notation. For example: 192.168.0.0/16,172.16.10.0/24,10.0.0.0/8

Most internal networks will use the designated private IPs to scan all of these toggling the Add Full Private IP Space will automatically add the entire private IP space to the scope.

If you are running NodeZero in a more complex environment, set the scope to cover as many subnets as possible. You should ask your Network Administrator for a list of CIDR annotated subnets.

The Exclude section stops NodeZero from scanning or exploiting a set of IPs or subnets. The IPs within this section may be discovered by NodeZero via various techniques within the pentest, but NodeZero will not touch them. They may show up in the Out of Scope list within the pentest results. Note that this parameter also requires CIDR notation.

When satisfied with your scope, click Next.

Screenshot

(Optional) Select a Runner

To have the test run automatically select a runner to execute the test. To setup a runner click here

Screenshot

Run the test

Finally click Run Pentest to generate the start script to run. If using a runner, the runner will automatically pick up the script and start the test on your behalf. If not using a runner, login to the NodeZero host and copy-paste the script into the command line and press enter to start the test.

You've started an Segmentation Test

NodeZero sends an email once the segmentation test completes.