Penetration Testing mailing list archives
(forw) NIST Draft Special Publication 42, Guideline on Network Security Testing
From: aleph1 () securityfocus com
Date: Tue, 5 Feb 2002 08:06:08 -0700
----- Forwarded message from Patrick O'Reilly <patrick.oreilly () nist gov> ----- From: "Patrick O'Reilly" <patrick.oreilly () nist gov> Reply-To: patrick.oreilly () nist gov To: Multiple recipients of list <compsecpubs () nist gov> Subject: NIST Draft Special Publication 42, Guideline on Network Security Testing Date: Tue, 5 Feb 2002 08:42:53 -0500 (EST) Message-Id: <5.1.0.14.2.20020205082902.025e7888 () email nist gov> X-Mailer: QUALCOMM Windows Eudora Version 5.1 February 4, 2002 -- Draft Special Publication 42, Guideline on Network Security Testing, is now available for public comment. This document describes a methodology for using network-based tools for testing systems for vulnerabilities. The primary aim of the document is to help administrators and managers get started with a program for testing on a routine basis. The methodology recommends focusing first on those systems that are accessible externally, e.g., firewalls, web servers, etc., and then moving on to other systems as resources permit. The document includes many pointers to various testing applications and contains more detailed descriptions of several of the more popular test tools. NIST is particularly interested in comments regarding the testing schedules, especially the frequency of certain tests - are they realistic for your environment, should certain tests be run more frequently or less, do you recommend other types of tests or tools? Comments and questions are requested by March 6, 2002. Please send comments and questions to john.wack () nist gov. Here is the URL to the Drafts web page. This document is the first bullet item on this page: <http://csrc.nist.gov/publications/drafts.html> ----- End forwarded message ----- -- Elias Levy SecurityFocus http://www.securityfocus.com/ Si vis pacem, para bellum ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- (forw) NIST Draft Special Publication 42, Guideline on Network Security Testing aleph1 (Feb 05)