Penetration Testing mailing list archives

Re: Exploit Archive

From: "R. DuFresne" <dufresne () sysinfo com>
Date: Wed, 18 Aug 2004 14:46:38 -0400 (EDT)

On Sat, 14 Aug 2004, DokFLeed.Net wrote:

Well,
you solved your own problem "I've been told that you can

find many exploits out on the web, but it's been such a hassle trying to
find all of what I'm looking for! "

the problem is what are you looking for?

running an automated tool will not be your salvation, most of them ,even the
very expensive ones, seem to ignore some serious holes, and I mean most of
them without naming any.
lets say , I got a client paid 45K $ on tools and they couldn't pickup
what's happening, even when he chose all the audits available on each of
them.
your worries should go away , by your own methodology, you are even in a
better situation since you aren't starting a Zero-Knowledge testing.
*run a discovery tool, Nmap is enough and great.
*what ever results of open ports you get verify it, a simple telnet to this
port at least
*verify the OS fingerprinting you get , then optimize your test.
*test only what's open, don't be a dreamer and try to audit a closed port, I
have seen it happening. and I bet each tester on his first project did it,
its the enthusiasm rather than experience.


Alot of good info here, but, I saw nothing about verifying that the
systems configurations match the security policy of the site.  Which is
why I lay alot more validity to configuration audits then I do to port
scans and telnet checkups.

Thanks,

Ron DuFresne
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!


------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.securityfocus.com/sponsor/InfoSecInstitute_pen-test_040817
-------------------------------------------------------------------------------

Current thread:

Exploit Archive DeMott Jared (Aug 17)
- Re: Exploit Archive DokFLeed.Net (Aug 18)
  - Re: Exploit Archive R. DuFresne (Aug 18)
    - Re: Exploit Archive chewy (Aug 19)
    - Re: Exploit Archive Francisco Sáa Muñoz aka n3z (Aug 20)
- Re: Exploit Archive Kevin Sheldrake (Aug 18)
  - Re: Exploit Archive Ereshkigal (Aug 19)
- Re: Exploit Archive Jacob Uecker (Aug 18)
- Re: Exploit Archive A.R. (Aug 19)
- Re: Exploit Archive Ramsey Consulting Services (Aug 19)
- Re: Exploit Archive Senser (Aug 20)
  - Re: Exploit Archive Robert Rich (Aug 20)
    - RE: Exploit Archive Michael Zanetta (Aug 23)

(Thread continues...)