Security Basics mailing list archives
Re: network auditing
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Thu, 16 Oct 2003 11:59:10 +0200
On 2003-10-15 cc () belfordhk com wrote:
Hagen, Eric wrote:Well, being the network administrator, it would be impossible for you to "black box" test the network. However, any penetration testing you employ would be "crystal box" type tests.Unless I do it at home(which isn't practical at the moment due to me still using a dialup). But perhaps my understanding of this 'black box' test isn't that correct. Why do you say it's 'impossible'?
Black box testing means you know nothing about the system/network you try to pen-test. Whenever you have some knowledge about a system or network (e.g. being its administrator) it is no longer a black box to you. Regards Ansgar Wiechers --------------------------------------------------------------------------- FREE Whitepaper: Better Management for Network Security Looking for a better way to manage your IP security? Learn how Solsoft can help you: - Ensure robust IP security through policy-based management - Make firewall, VPN, and NAT rules interoperable across heterogeneous networks - Quickly respond to network events from a central console Download our FREE whitepaper at: http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015 ----------------------------------------------------------------------------
Current thread:
- network auditing cc (Oct 14)
- <Possible follow-ups>
- RE: network auditing Hagen, Eric (Oct 14)
- Re: network auditing cc (Oct 15)
- Re: network auditing Ansgar -59cobalt- Wiechers (Oct 16)
- Re: network auditing cc (Oct 15)
- RE: network auditing Meidinger Chris (Oct 14)
- Re: network auditing Lee Rich (Oct 15)
- RE: network auditing Hagen, Eric (Oct 16)