Penetration Testing mailing list archives
Re: Blind penetration testing
From: "Meritt James" <meritt_james () bah com>
Date: Tue, 02 Oct 2001 15:02:36 -0400
There is always the obvious public source: name servers (like nslookup), whois servers (Internic is a good place to start), dejanews postings (dredge up interests as well as email addresses, paths,...) and such. I took your question to refer to public sources, yes? I like to start at http://www.ms.mff.cuni.cz/cgi-bin/dns?SERVER=bsu.edu&DEF_SERV=Default+Server&DOMAIN=mff.cuni.cz&NAME=&IP= Nice, out of the way, hard to trace through,... V/R Jim Trey Mujakporue wrote:
Im about to start work on a completely blind penetraton test for a client. The only information i have been given is the company name. From this i can get their corporate web site and from there do a DIG for more company info and address ranges after which i can start my reconnaissance. Question, can anyone out there offer any tips based on this scenario? #include <signature.h> ://Trey Atarhe Mujakporue ://tmujak () ins com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
-- James W. Meritt, CISSP, CISA Booz, Allen & Hamilton phone: (410) 684-6566 ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Blind penetration testing Trey Mujakporue (Oct 02)
- Re: Blind penetration testing Meritt James (Oct 04)
- RE: Blind penetration testing Jim Becher (Oct 04)
- <Possible follow-ups>
- RE: Blind penetration testing Sanchez, Scott (Oct 04)
- Re: Blind penetration testing hofmemi (Oct 04)
- Re: Blind penetration testing Ilici Ramirez (Oct 04)
- Re: Blind penetration testing Andrew Simmons (Oct 04)
- RE: Blind penetration testing Grab Raham (Oct 04)