RE: hacking challenges

["Yonatan Bokovza" <Yonatan () xpert com>]

> -----Original Message-----
> From: gilles.lami () hays-dsia fr [mailto:gilles.lami () hays-dsia fr]
> Sent: Friday, July 02, 2004 11:19
> To: pen-test () securityfocus com
> Subject: hacking challenges
>
>
> Hello,
>
> What do you think about the numerous hacking challenges 
> present on the web
> ?
> Do you think a good pen-tester should (or must ?) do these 
> games and pass
> all levels of each one ?
> If so, well ... Why ? (Even if the answer of this question could be
> obvious).

Some of these challenges are pretty good in representing
real-world scenarios, and some are pretty bad. There is a lot
more to penetration testing than these challenges, but a good
penetration tester should be able to deal with most of them.

> Another thing very different, and i am sorry for this 
> question i guess most
> of you must have already ridden several times:
> I have to build an action plan to specify how to react after 
> a successfull
> hacking has been detected or suspected ( on a Windows or Unix 
> machine for
> the moment )
> What good readings could you advise ?

That is a topic called "Incident Handling". There is a different securityfocus
mailing list for that, and I'd recommend reading CERT's CSIRT
(Computer Security Incident Response Team) FAQ
http://www.cert.org/csirts/csirt_faq.html

and CSIRTs handbook:
http://www.cert.org/archive/pdf/csirt-handbook.pdf


Best Regards, 

Yonatan Bokovza
IT Security Consultant
Xpert Systems