Security Basics mailing list archives
Re: penetration tester advice
From: Kristopher Matthews <krism () evilpen net>
Date: Wed, 17 Sep 2003 14:19:48 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Mehmet, Can you explain more of what you want the program to do? How thoroughly do they want tested? I mean, would an nmap[1] sweep of thier network suffice? Do they want to make sure they're not running any vulnerable protocols? (A packet sniffer would do wonders here, along with knowledge about which services are cleartext and which are ciphered.) Some common cleatext protocols: telnet, ftp, pop3, smtp[*], http[*1]. I'm sure others can come up with many more. Regards, Kristopher Matthews * not all are configured for smtp auth, so this might be a non-issue. *1 not usually a problem unless sensitive data is being transferred - -- [-] http://evilpen.net/pubkey.asc || pgp.mit.edu [+] 1024D/7F390CED 2003-09-15 [|] 8A0B BE3D F433 1550 748B D05B 6E4D BFB3 7F39 0CED -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQE/aKXEbk2/s385DO0RAsH2AJ9cLTvqtfFVc4XRKFbFqKmCQMm0jQCgplsD kTpCA7KrmaU4YlM2uW2tc/8= =AutJ -----END PGP SIGNATURE----- ---------------------------------------------------------------------------Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------
Current thread:
- penetration tester advice Mehmet Buyukozer (Sep 17)
- Re: penetration tester advice Valter Santos (Sep 17)
- Re: penetration tester advice Joe McCray (Sep 17)
- Re: penetration tester advice Kristopher Matthews (Sep 17)
- RE: penetration tester advice Balwant Rathore (Sep 17)
- RE: penetration tester advice Nick Owen (Sep 17)
- Re: penetration tester advice m0use (Sep 17)
- Re: penetration tester advice Evidence (Sep 17)
- <Possible follow-ups>
- RE: penetration tester advice Dave . Hartley (Sep 17)