Penetration Testing mailing list archives

An Amateur Pen-Test

From: "David Fuller" <burchoff2000 () yahoo com>
Date: Thu, 21 Jun 2001 10:58:40 -0700

My ISP has asked me to do a penetration test for them and I would like to
get an overview of what I should do short of running Nessus and banging on
there (IDS / Logs) door. I have gone over there network with a few scripts
and knowledge I have picked up from the list and Security Focus and I have
discovered all there class C address spaces, I have found two servers
vulnerable to a Unicode exploit and from there able to find out about a few
host sitting behind a ACL / Firewall. Is there anything else I should be
doing... like testing there firewall and seeing if I can scan the network
behind it.

David.


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

Current thread:

An Amateur Pen-Test David Fuller (Jun 22)
- Re: An Amateur Pen-Test max (Jun 24)
- Re: An Amateur Pen-Test Damieon Stark (Jun 24)
- <Possible follow-ups>
- RE: An Amateur Pen-Test Brown, Joel (Jun 26)
- Re: An Amateur Pen-Test Jeff Magwood (Jun 29)