Penetration Testing mailing list archives
Re: [PEN-TEST] Sample penetration report
From: Knowledgebase i-Net Security <knowledgebase () LYCOS COM>
Date: Tue, 22 Aug 2000 16:03:53 -0900
Mark of NetworkIce has a cool Recommendation... But for ME It's Not really GOOD coz` if ur going to produce s0me reports it should Be Detailed and a Non very Technical One coZ` for TEchnical People it's Not but if ur talking about some I.T. managers who's that very familiar... w/ that terminologies u have to re defined... it Should be Literaly Understandable... just a Simple Report Like this ONE: LOw risk: Medium Risk: High Risk: Problem: Effect: Recommendation: Remember.... We're Considering ALL Educated and Non security Educated Person that's why they will Avail some Security services.... thanks,, ----------------- On Tue, 22 Aug 2000 17:23:53 Teicher, Mark wrote:
Here is an outline that has been used by several different organizations over the years and in some cases still being used by some of the larger type security consulting practices: Executive Summary Findings Recommendations Introduction Purpose and Scope Network Map . Remote Dial-in Map Findings and Recommendations Organizational and Procedural Issues Network Security Responsibility Internal Restrictions Network-Wide Vulnerabilities Firewall Intrusion Detection and Security Monitoring Host Vulnerabilities Dial-in Vulnerabilities Password Issues Network Vulnerabilities Recommendations Industry Best Practices Network Considerations Network Addressing Firewalls Automated Systems Intrusion Detection and Security Monitoring Vulnerability Scanning Host Considerations System Banners Dial-in Access Remote Management of Network Infrastructure Devices Centralized Security Authority Informational Services User Authentication . Passwords Password Administration Password Structure and Policy Appendix Assessment Process Overview Background Security as an Operational Process Security Posture Defined Assessment Process Network Discovery Target System and Vulnerability Identification Data Analysis and Security Design Review At 03:46 PM 8/21/00 -0400, Christopher M. Bergeron wrote:Can anyone point me to a sample penetration test / vulnerability analysis report somewhere? What types of things does one usually put in such a report?
Send your favorite photo with any online greeting! http://www.whowhere.lycos.com/redirects/americangreetings.rdct
Current thread:
- [PEN-TEST] Sample penetration report Christopher M. Bergeron (Aug 22)
- Re: [PEN-TEST] Sample penetration report Teicher, Mark (Aug 22)
- Re: [PEN-TEST] Sample penetration report The Unicorn (Aug 24)
- <Possible follow-ups>
- Re: [PEN-TEST] Sample penetration report Knowledgebase i-Net Security (Aug 23)
- Re: [PEN-TEST] Sample penetration report Teicher, Mark (Aug 23)