Penetration Testing mailing list archives
Re: [PEN-TEST] Noisy ou stealthy ?
From: "Masse, Robert" <rmasse () RICHTERSECURITY COM>
Date: Wed, 8 Nov 2000 11:37:05 -0500
Hi It depends on what your goal is and the arrangement with the customer. You should ask your customer what they prefer. For most pentests I would say it's done on a 'noisy' level. If you are testing IDS systems then you would be a bit more carefull (and charge more for the extra time you will incur performing the test). So the answer is "that depends on what the client wants and the goal of the pentest". That should be presented in the scope of the mandate. Hope that helps, Rob Robert Masse, CISSP Chief Technical Officer Richter Security Inc. 2 Place Alexis Nihon, suite 905 Montreal, Quebec, Canada +514 934 3566 Direct +514 934 3406 Fax -----Original Message----- From: Nicolas Gregoire [mailto:nicolas.gregoire () 7THZONE COM] Sent: Wednesday, November 08, 2000 11:17 AM To: PEN-TEST () SECURITYFOCUS COM Subject: [PEN-TEST] Noisy ou stealthy ? Hi pen-testers, just a question about methodology. When you are doing some pen-tests, do you use the noisy way (full port range scan, lot of scanning for cgi whitout IDS evasion techniques, brute force attacks on FTP) or the sthealthy one ? I think that the noisy way is easiest (just schedule a Nessus scan , a whisker scan and an ISS scan for the night, read the results and attack) but can't really test the efficacity of corporate defenses. The stealthy way is more time-consuming, but more funny .... So, what's your method ? Nicob
Current thread:
- [PEN-TEST] Noisy ou stealthy ? Nicolas Gregoire (Nov 09)
- Re: [PEN-TEST] Noisy ou stealthy ? Jose Nazario (Nov 09)
- Re: [PEN-TEST] Noisy ou stealthy ? Iván Arce (Nov 09)
- Re: [PEN-TEST] Noisy ou stealthy ? Greg (Nov 09)
- Re: [PEN-TEST] Noisy ou stealthy ? andy lowton (Nov 11)
- Re: [PEN-TEST] Noisy/stealthy ? N Catlow (Nov 14)
- Re: [PEN-TEST] Noisy ou stealthy ? Don Bailey (Nov 09)
- Re: [PEN-TEST] Noisy ou stealthy ? a007 (Nov 10)
- <Possible follow-ups>
- Re: [PEN-TEST] Noisy ou stealthy ? Eric Lauzon (Nov 09)
- Re: [PEN-TEST] Noisy ou stealthy ? Dunker, Noah (Nov 09)
- Re: [PEN-TEST] Noisy ou stealthy ? Masse, Robert (Nov 09)