Firewall Wizards mailing list archives
Re[2]: Penetration Tests
From: Edward Cracknell <edward () securIT net>
Date: Fri, 26 Sep 1997 17:27:06 +0100 (BST)
Darren Reed <darrenr () cyber com au> wrote: darrenr >You might even find some older versions of tools such as iss which are darrenr >minus the graphical bloating. Hmmm, downloading the trial version of darrenr >ISS (with the docs) might be worthwhile for reading the docs - what darrenr >sort of vulnerabilities to expect, etc. darrenr > I was very impressed with what I saw from ISS when I downloaded the latest copy a few weeks ago, but like you say, it's obviously a case of throwing that net wide enough. darrenr >I'm not sure that this really answers your question...most of the tools darrenr >commercially available are enhanced versions of SATAN - just with more darrenr >options put in them. The real intelligence is in the various subroutines darrenr >which do the testing and given exploits are fairly easy to obtain, it darrenr >is certainly possible to expand the utility of SATAN. darrenr > darrenr >The $$ question is, how much time do you want to spend doing this and what darrenr >that cost will be vs. buying something like ISS to do it for you. darrenr > I might well invest in ISS, but isn't it based upon an IP address?, which means as a portable tool for testing, it's no good! darrenr >Darren Thanks for the mail Darren. Regards ------------------------------------------------------------- Edward Cracknell Security Administrator/Author edward () SecurIT net --------- Okay, who put a "stop payment" on my reality check? -----------
Current thread:
- Re[2]: Penetration Tests, (continued)
- Re[2]: Penetration Tests Edward Cracknell (Sep 26)
- Re: Re[2]: Penetration Tests Arjan Vos (Sep 27)
- Re: Re[2]: Penetration Tests Alfred Huger (Sep 27)
- Re: Penetration Tests Paul D. Robertson (Sep 26)
- Re: Penetration Tests Bennett Todd (Sep 26)
- Policy ? (was RE: Penetration Tests) Capt Jim Bailey - SSG/SINS - DSN 596-6106 (Sep 26)
- Re: Policy ? (was RE: Penetration Tests) Edward Cracknell (Sep 29)
- Re: Policy ? (was RE: Penetration Tests) Bennett Todd (Sep 29)
- Re: Policy ? (was RE: Penetration Tests) Paul D. Robertson (Sep 30)
- Policy ? (was RE: Penetration Tests) Capt Jim Bailey - SSG/SINS - DSN 596-6106 (Sep 26)
- Re[2]: Penetration Tests Edward Cracknell (Sep 26)
- Re: Penetration Tests -= ArkanoiD =- (Sep 26)