RE: stuck with concepts...

["Benjamin Tomhave" <list-procurare () secureconsulting net>]

As much as it pains me to provide the reference, a book like Hacking Exposed
(currently in 5th ed.) provides the info you're needing.  Think of it as a
basic explainer in the process you're developing.  Probably can get a copy
at any old bookstore.
http://www.amazon.com/gp/product/0072260815/sr=8-2/qid=1145915107/ref=pd_bbs
_2/102-8873215-1096951?%5Fencoding=UTF8

---
Benjamin Tomhave, CISSP
falcon () secureconsulting net
http://falcon.secureconsulting.net/
http://www.linkedin.com/pub/0/622/964

"We must scrupulously guard the civil liberties of all
citizens, whatever their background. We must remember
that any oppression, any injustice, any hatred is a
wedge designed to attack our civilization."
-President Franklin Delano Roosevelt
 

> -----Original Message-----
> From: Joel Jose [mailto:joeljose420 () gmail com] 
> Sent: Monday, April 24, 2006 1:22 AM
> To: pen-test () securityfocus com
> Subject: stuck with concepts...
>
> people,
>            i am facing a small conceptual difficulty in the 
> project(ospttm.pbwiki.com). we need to do a reconnaisance of 
> the target and prepare logistics for the attack, like mapping 
> the target network.. etc but when we use nessus and 
> metasploit, where do our efforts fit the picture?.. when we 
> have correctly mapped the target network using 
> firewalk,nmap,amap..etc . Ok the whois and dnsquery can give 
> you target ip's to put in nessus, but what bout others?...
>
> isthere a way to integrat our results with these automated 
> tools?.. or the traditional method of using 
> firewalk,nmap..etc has fallen down to current trends like nessus?
>
> joel.
> --
> As soon as men decide that all means are permitted to fight 
> an evil, then their good becomes indistinguishable from the 
> evil that they set out to destroy.
>                       - Christopher Dawson, The Judgment of Nations
>
> --------------------------------------------------------------
> ----------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security? 
> Why not go with the #1 solution - Cenzic, the only one to win 
> the Analyst's Choice Award from eWeek. As attacks through web 
> applications continue to rise, you need to proactively 
> protect your applications from hackers. Cenzic has the most 
> comprehensive solutions to meet your application security 
> penetration testing and vulnerability management needs. You 
> have an option to go with a managed service (Cenzic 
> ClickToSecure) or an enterprise software (Cenzic Hailstorm). 
> Download FREE whitepaper on how a managed service can help 
> you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to 
> confirm your results from other product. Contact us at 
> request () cenzic com for details.
> --------------------------------------------------------------
> ----------------


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------