Penetration Testing mailing list archives
Re: Security Audit
From: "bacano" <bacano () esoterica pt>
Date: Mon, 17 Sep 2001 13:53:54 +0100
Lets try to put things the other way around, for dont get in to the exercise in semantics that Don Bailey said, or refering ourselfs to a pen test as if it was only running a scanner or identify one hole in one server to can exploit it without seeing anything else. Regarding http://uk.osstmm.org/osstmm.htm, what are the topics for a zero knowledge pen test or what is called there an Unrestricted Test? Network Surveying Port Scanning System Identification Services Probing Vulnerability Research and Testing Application Testing Firewall & ACL Testing and Review Security Policy Review Privacy Review Intrusion Detection System (IDS) Testing Document Grinding (Electronic Dumpster Diving) Social Engineering Trusted Systems Testing Password Cracking Denial of Service (DoS) Testing Wireless Network Testing PBX Testing [ ]'s bacano ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Re: Security Audit, (continued)
- Re: Security Audit H Carvey (Sep 12)
- Re: Security Audit R. DuFresne (Sep 12)
- Re: Security Audit H C (Sep 13)
- Re: Security Audit R. DuFresne (Sep 13)
- Re: Security Audit H C (Sep 13)
- Industry Definitions... possible? was Re: Security Audit Don Bailey (Sep 14)
- Re: Security Audit R. DuFresne (Sep 12)
- Re: Security Audit H Carvey (Sep 12)
- Re: Security Audit bacano (Sep 16)
- RE: Security Audit Dom De Vitto (Sep 18)
- Re: Security Audit bacano (Sep 17)