Firewall Wizards mailing list archives
Re: Re[2]: Penetration Tests
From: Arjan Vos <arjan () pino demon nl>
Date: Sat, 27 Sep 1997 09:18:12 +0200 (MET DST)
On Fri, 26 Sep 1997, Edward Cracknell wrote:
Maybe I didn't give enough info in my first mail, but I have used these packages many times, including Crack v5, Netcat, ifstatus, rootkit, tiger etc. I am really looking for:
a) a consensus on what should be covered/not in such a test
The consensus I cannot give, but in performing penetration tests I adhere to some generic framework in which you define beforehand:
1) goal of the penetration test
2) scope (what will be tested *AND WHAT NOT!!!*)
3) characteristics of the target (e.g., is it a high availability production system, is it a testing system, is the test whitebox or black box)
4) expected merits (what do you think will be the added value of the test, what evidence will be gotten, is it a realistic assessment?)
5) risks (well, maybe the test will bring down response times, or maybe something might go wrong so pay attention to liability issues)
6) requirements (will testing take place on-site? So do you need a company's computer and network entry, etc, resource, risk, project mgmt, etc... oh yeah, debriefing and evaluation with the "victims" is very important)
Point 4) is very important. If a company has no security policy and the systems have no security baselines or whatsoever, then the added value will be low as you can foresee pretty certain what the results will be. If they do have a security policy and baselines, then testing will have merits as you identify possible deviations from the policy and baselines.
Then, when actually performing the test, you can roughly identify the following (iterative) phases:
1) planning and preparation for each individual test
2) execution of the test
   a) detect (possible) weaknesses
   b) identify weaknesses by exploiting them
   c) analysis of cumulative effect of weaknesses found
3) evaluating and reporting of the test results, and maybe back to 1)
b) examples (papers)
I know there have been some articles on penetration testing on the Web. I don't have these at hand though. If you want to know where to find these articles I can look the URLs up for you... so let me know then. If you want some more information, email me privately so maybe we can work something out...
c) news of commercial products, because I may want to take them on board to sell to my customers
What do you mean? You already got the information on ISS and Ballista as given to you as a reply on your initial question.
d) news of other (less common) packages that you can't get from every wanna-be hacker or security experts page!! ;-)
Mmm.. now you are entering the proprietary testing toolkits :-)) What I use is some combination of freely available software and commercial software. Most things I have modified for my own needs or I have added scripts and programs etcetera. These scripts merely consist of expect/perl scripts to automate manual testing. Also netcat is very useful and ipsend or CAPE from Ballista package. And of course tcpdump and/or tcpshow prove very useful....
e) I want to hear from anyone who may be interested in having their products marketed by quite a large Security organisation over in the UK to the financial communities (Thanks Marcus and Frank!)
Unfortunately I do not have a product to market, just services... :-))
...and so far I am really grateful for all the replies and information which I will be following up on next week
Finally, has anyone heard on the Intranet penetration testing tool Netech (I think that's the spelling)? It's an Israeli product.
Never heard of it.
Thanks in anticipation.
You're welcome
Gr. Arjan
--
Eat hard
Sleep hard
Wear glasses if you need them