Penetration Testing mailing list archives
Re: honeypot in conjunction with pen test?
From: Daniel Polombo <polombo () cartel-securite fr>
Date: Fri, 07 Jun 2002 19:07:51 +0200
Mark Tinberg wrote:
> If I may respectfully disagree, a pen-test *is* about getting in, and is distinct from an audit. To me (and this may just be a semantic difference) an audit is a completely different animal where the auditors spend several weeks/months on-site going over the client's procedures and network equipment with a fine-toothed comb, as well as interviewing the admins. The report will contain things that should be tightened up as well as places where the written policy differs from what is implemented in the network hardware and where the admins differ from policy. It is not something that can be done remotely, although it may involve a pen-test for verification.
I tend to separate this into three different categories:

- the pen-test is all about getting in, as Mark said. Indeed, its very name implies that the main purpose is to find _a_ hole, and not _all_ holes, the point (or one of the points, depending on the particulars) being that if an experienced team of pen-testers cannot break into the system, most hackers shouldn't either (note the "most", we all know there's no such thing as perfect security).
- the vulnerability assessment is similar to the pen-test as far as the tools and methods are concerned, but aims at identifying _all_ vulnerabilities in a target platform.
- the security audit is the full package, heavily relying on a formal methodology, including a complete analysis of the client's security policy and how it is applied, and so on.
But, of course, that's just me, and as far as I know, there's no precise, widely accepted definition.
--
Daniel Polombo
Cartel Securite