Penetration Testing mailing list archives
RE: Info collection
From: "Jeff Gercken" <JeffG () kizan com>
Date: Mon, 9 Aug 2004 14:21:33 -0400
What I'm looking for are utilities that collect useful information on running production devices in the early stages of an eval. They need to be scriptable (i.e. command line) and should not have any installed components. The idea is that they can be executed remotely using shell scripts, psexec, or rolled into an msi package.

I'm not looking for attack or external probing tools, and yes I am well aware of nmap and what it does. The idea is that once you know precisely what the target is you can tailor the network discovery/attack tools to it. Why play the service guessing game w/ headers & fingerprints when you could just find out first hand? Saves you effort & the customer $$.

In my opinion, the days of black box pen testing are over. By starting on the box and working outward you can evaluate the successive layers of security providing for a systematic and comprehensive evaluation.

Anyhow that's my $.02

-jeff

-----Original Message-----
From: Michael Shirk [mailto:shirkdog () cryptomail org]
Sent: Friday, August 06, 2004 8:00 AM
To: pen-test () securityfocus com
Subject: RE: Info collection

There are a lot of other tools. You seem to be speaking of Windows and *nix. For Windows, I would add tcpview from sysinternals, which is a GUI real-time traffic monitor for ports and processes. Also, just use PHLAK or AUDITOR bootable Linux distros, designed for security and forensics to work with Windows and *nix. Sleuthkit also with Autopsy is available on PHLAK, or just search Google and try it out.

-----Original Message-----
From: JeffG () kizan com [mailto:JeffG () kizan com]
Sent: Wednesday, August 04, 2004 11:02 AM
To: pen-test () securityfocus com
Subject: Info collection
Importance: Low

I am attempting to refine my methods of evaluating servers and am wondering what information you all gather during an assessment on various platforms. These would be run on the target machines with privileged accounts (root or administrator).

They should be scriptable & statically compiled or at least not have any unusual dependencies.

Examples:
Fport
Portqryv2
LADS
Dumpwin
Lsof
Netstat -an / -ln
Tiger
Hfnetchk
Msinfo32
Winmsd
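
An added example, not part of the thread or written by any of its participants: once `netstat -an` output has been collected on the boxes themselves, as the messages above propose, a small parser can fold the Linux and Windows formats into one listener inventory. The sample output is constructed, and the names `parse_listeners` and `non_loopback` are hypothetical.

```python
import re

# Constructed sample output, not captured from any real host.
LINUX_SAMPLE = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN
tcp        0     52 10.0.0.5:22             10.0.0.9:51514          ESTABLISHED
tcp6       0      0 :::80                   :::*                    LISTEN
udp        0      0 0.0.0.0:68              0.0.0.0:*
"""
WINDOWS_SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    10.0.0.7:3389          10.0.0.9:50211         ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
  UDP    0.0.0.0:500            *:*
"""

# The port is whatever follows the last colon: "0.0.0.0:22", ":::80", "[::]:445".
_LOCAL = re.compile(r"^(?P<host>.*):(?P<port>\d+)$")

def parse_listeners(netstat_text):
    """Return sorted (proto, host, port) tuples for sockets accepting traffic."""
    found = set()
    for line in netstat_text.splitlines():
        cols = line.split()
        if not cols or not cols[0].lower().startswith(("tcp", "udp")):
            continue  # column header, banner, unix-domain sockets
        proto = cols[0].lower()[:3]  # fold tcp6/udp6 into tcp/udp
        # Linux rows carry Recv-Q/Send-Q before the local address; Windows rows do not.
        i = 3 if len(cols) > 3 and cols[1].isdigit() and cols[2].isdigit() else 1
        if len(cols) < i + 2:
            continue
        local, foreign = cols[i], cols[i + 1]
        state = cols[i + 2].upper() if len(cols) > i + 2 else ""
        if proto == "tcp" and state not in ("LISTEN", "LISTENING"):
            continue  # established or closing connections are not listeners
        if proto == "udp" and not foreign.endswith(":*"):
            continue  # UDP has no LISTEN state; a wildcard peer means unconnected
        m = _LOCAL.match(local)
        if m:
            found.add((proto, m.group("host").strip("[]"), int(m.group("port"))))
    return sorted(found)

def non_loopback(listeners):
    """Keep listeners that are not bound only to a loopback address."""
    return [l for l in listeners if not (l[1].startswith("127.") or l[1] == "::1")]
```

The resulting inventory gives the exact ports to check from the network side, and entries that `non_loopback` drops (such as the MySQL listener in the sample) are ones a remote scan would never have seen.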