Penetration Testing mailing list archives
RE: Standards for penetration testing
From: "Rosado, Rafael (Rafael)" <rarosado () lucent com>
Date: Thu, 4 Mar 2004 13:52:55 -0700
Thomas, You could also consider: * SECURITY PENETRATION TESTING GUIDELINE: A Chapter of the Handbook for the Computer Security Certification of Trusted Systems (US Navy) Rafael Rosado, CISSP, CISA IT Security Manager Lucent Technologies IT Infrastructure - Network Design 2400 SW 145th Avenue Miramar, Florida 33027 Office: 954-885-2176 Facsimile: 954-885-3861 Email: rarosado () lucent com This electronic mail message contains information belonging to Lucent Technologies, which may be confidential and/or legal privileged. The information is intended only for the use of the individual or entity named above. If you are not the intended recipient, you are hereby notified that any disclosure, printing, copying, distribution, or the taking of any action in reliance on the contents of this electronically mailed information is strictly prohibited. If you receive this message in error, please immediately notify us by electronic mail and delete this message. -----Original Message----- From: Thomas Kerbl [mailto:thomas.kerbl () fh-hagenberg at] Sent: Thursday, March 04, 2004 1:09 PM To: pen-test () securityfocus com Subject: Standards for penetration testing Hello list, I'm currently doing some research for my thesis on penetration testing methods. Therefor I'm looking for widely used standards in this area. Here a collection of what I've already found: * OSSTMM - Open Source Security Testing Methodology Manual * Durchfuehrungskonzept fuer Penetrationstests (BSI - Germany) * NIST Guideline on Network Security Testing (special publ. 800-42) I tried (additional to google search) to find further standards in RFC repositories, the IEEE publication database, CERT, the ITIL website and of course the securityfocus archive. I couldn't find much usefull information on the penetration-test topic. Of course there are many great security ressources, but not exactly the information I was looking for. Can anyone point me to other standards for penetration testing? If there are any other "must-read" papers (like ISO17799 for example) out there, they are also welcome. I can make use of english and german documents. tia, Thomas Kerbl -- ~ FH-Hagenberg: Computer & Media Security ~ http://cms.fh-hagenberg.at ~ my GPG key ID: 0x924042D1 --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Standards for penetration testing Thomas Kerbl (Mar 04)
- RE: Standards for penetration testing Rafael Ausejo Prieto (Mar 05)
- Re: Standards for penetration testing Brahman (TPG Account) (Mar 07)
- <Possible follow-ups>
- RE: Standards for penetration testing Rosado, Rafael (Rafael) (Mar 05)
- Re: Standards for penetration testing Karsten Johansson (Mar 07)
- RE: Standards for penetration testing Rafael Ausejo Prieto (Mar 05)