Penetration Testing mailing list archives
Re: Info collection
From: Ali-Reza Anghaie <ali () packetknife com>
Date: Thu, 05 Aug 2004 22:57:08 -0400
On Wed, 2004-08-04 at 11:01, Jeff Gercken wrote:
I am attempting to refine my methods of evaluating servers and am wondering what information you all gather during an assessment on various platforms. These would be run on the target machines with privileged accounts (root or administrator). They should be scriptable & statically compiled or at least not have any unusual dependencies. Examples: Fport Portqryv2 LADS Dumpwin Lsof Netstat -an / -ln Tiger Hfnetchk Msinfo32 Winmsd
It looks like you have a mix of platforms in the commands above. How about other items (mixed platforms again) like: MS Baseline Security Analyser rpm -V (or other package integrity checkers) find -perm (sticky bit, sgid, etc.) tripwire inzider dumpsec (from hyena) crontab information startup/rc.d *shrug* Depends on what you're trying to accomplish and log. Cheers, -Ali -- OpenPGP Key: 030E44E6 -- Was I helpful?: http://svcs.affero.net/rm.php?r=packetknife -- May you do Good Magic with Perl. -- Larry Wall
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Info collection Jeff Gercken (Aug 05)
- RE: Info collection Israel Torres (Aug 09)
- Re: Info collection Ali-Reza Anghaie (Aug 09)
- <Possible follow-ups>
- Re: Info collection H Carvey (Aug 09)
- RE: Info collection Michael Shirk (Aug 09)
- RE: Info collection Petr . Kazil (Aug 10)
- RE: Info collection Jeff Gercken (Aug 09)
- RE: Info collection Frank Knobbe (Aug 10)
- Re: Info collection Martin Mačok (Aug 11)
- RE: Info collection Frank Knobbe (Aug 10)
- Re: Info collection H Carvey (Aug 10)
- RE: Info collection Jack Cullen (Aug 11)
- Re: Info collection H Carvey (Aug 12)