Penetration Testing mailing list archives

Re: [PEN-TEST] First step of a pen-test


From: "Teicher, Mark" <mark.teicher () NETWORKICE COM>
Date: Tue, 19 Sep 2000 09:29:14 -0700

OK.

Let's start over again.

If you are given the network domain name, one can start putting
together an initial network footprint.

ARIN database http://www.arin.net/whois/
Securities and Exchange Commission(SEC) http://www.sec.gov/
WHOIS database http://www.networksolutions.com

PhoneSweep by Sandstorm http://www.sandstorm.net
THC http://www.infowar.co.uk/thc/
ToneLoc http://www.hackersclub.com/km/files/pfiles/Tl110.zip

Network Mapper (Nmap) http://www.insecure.org/nmap
CyberCop Scanner 5.5 by NAI http://www.nai.com
Internet Scanner by ISS http://www.iss.net
WebTrends Security Analyzer by WebTrends http://www.webtrends.com
ESM www.axent.com

At 02:38 PM 9/18/00 -0400, Christopher M. Bergeron wrote:
What is the industry norm for _beginning_ a pen-test after the contract
has been made?  Would one first map the network?  Try to war-dial the
exchange for possible remote (pcAnywhere, etc.) access machines?  VRFY
email addresses to look for user logins?  Is it typical to ask for
information about the network (i.e. network architecture) beforehand, or do
most pen-tests start "blindly" and do the network reconnaissance?

Thanks to anyone who addresses even one of my many questions.
