Penetration Testing mailing list archives

Re: RE: What is being a pen tester really like? (fwd)


From: paul_boam () yahoo com
Date: 3 Aug 2006 12:30:42 -0000

The best pen testing firms impose QA through CESG CHECK team leaders. Unfortunately that doesn't protect you as the 
customer from either the pen tester having a bad day/hangover or a new vulnerability or better tool/exploit occurring 30 
minutes after your pen test has just finished.

If I had just run nmap against a target and found all but 80 and 443 open with everything else filtered, no old 
OS/versions and nikto came back with what turned out to be 10000 false positives I would be inclined to look for an 
easier target.

All of these results are relatively easily implemented through anti-reconnaissance techniques. These techniques make 
sure that the target is not attractive to a would-be attacker and although they don't replace a proper layered security 
architecture, they do significantly reduce the threat. Anyone playing ISO 27001 will see the risks drop significantly, 
and what's more it's easier to teach people to harden than it is to pen test, which is often intuitive once you get past 
a tool's capability.

Pen testing has been described as a burglar finding the open window, then spending most of the time explaining how he stole 
the video recorder, DVD, TV, fridge, etc. You could stop all this however by closing and locking the window. 
You could even put a dummy burglar alarm up outside, if you get my drift.

Before embarking on a career in pen testing take a look at a career in hardening. It's of much greater value to the 
client in every sense.

Paul
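As an added example (not part of Paul's post), here is a small Python check for the posture the post describes: parse nmap's grepable (-oG) output and report any host whose externally visible surface departs from a baseline of only TCP 80 and 443 open, everything else filtered (probes dropped rather than answered with RST), and no version banners. The sample scan, the host names and the baseline itself are constructed assumptions made for this example.

```python
"""Check an nmap grepable (-oG) report against a minimal-exposure baseline.

Added example, not from the original post.  The baseline is an assumption:
only TCP 80 and 443 open, every other port filtered (probes dropped, not
answered with RST), and no version banners exposed.
"""
import re

# Assumed baseline: the only ports an external scanner should see open.
ALLOWED_OPEN = {80, 443}

# One -oG port entry: port/state/proto/owner/service/rpcinfo/version/
PORT_RE = re.compile(
    r"(\d+)/([\w|]+)/(\w+)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/"
)

# Constructed sample in nmap's grepable format (not a real scan).
SAMPLE_SCAN = """\
# Nmap 7.94 scan initiated (constructed sample)
Host: 192.0.2.10 (hardened.example.test)\tStatus: Up
Host: 192.0.2.10 (hardened.example.test)\tPorts: 80/open/tcp//http///, 443/open/tcp//https///\tIgnored State: filtered (998)
Host: 192.0.2.20 (legacy.example.test)\tStatus: Up
Host: 192.0.2.20 (legacy.example.test)\tPorts: 22/open/tcp//ssh//OpenSSH 4.3 (protocol 2.0)/, 80/open/tcp//http//Apache httpd 2.2.3/, 443/open/tcp//https//Apache httpd 2.2.3/, 8080/closed/tcp//http-proxy///\tIgnored State: closed (996)
"""


def parse_grepable(text):
    """Return [(addr, {port: (state, proto, service, version)}, ignored_state)]."""
    hosts = []
    for line in text.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue  # comment lines and "Status: Up" lines carry no port data
        fields = dict(
            part.split(": ", 1) for part in line.split("\t") if ": " in part
        )
        addr = fields["Host"].split()[0]
        ports = {}
        for m in PORT_RE.finditer(fields["Ports"]):
            port, state, proto, _owner, service, _rpc, version = m.groups()
            ports[int(port)] = (state, proto, service, version)
        ignored = fields.get("Ignored State", "")
        ignored_state = ignored.split()[0] if ignored else ""
        hosts.append((addr, ports, ignored_state))
    return hosts


def assess_host(ports, ignored_state, allowed=ALLOWED_OPEN):
    """List every way a host's visible surface departs from the baseline."""
    findings = []
    for port, (state, proto, service, version) in sorted(ports.items()):
        if state == "open" and port not in allowed:
            findings.append(f"{port}/{proto} ({service}) is open but not in the baseline")
        elif state == "closed":
            # A RST reply confirms a live host and feeds OS fingerprinting;
            # a hardened host drops the probe so the port shows as filtered.
            findings.append(f"{port}/{proto} answers closed instead of filtered")
        if version:
            findings.append(f"{port}/{proto} exposes a version banner: {version!r}")
    if ignored_state == "closed":
        findings.append("unlisted ports are closed, not filtered: the host answers probes it should drop")
    return findings


def assess_scan(text):
    """Map each scanned address to its list of baseline deviations."""
    return {
        addr: assess_host(ports, ignored_state)
        for addr, ports, ignored_state in parse_grepable(text)
    }


if __name__ == "__main__":
    for addr, findings in assess_scan(SAMPLE_SCAN).items():
        print(addr, "OK" if not findings else "")
        for finding in findings:
            print("  -", finding)
```

Run it against a real report produced with `nmap -sV -oG scan.gnmap <target>` by feeding the file contents to `assess_scan`; the hardened sample host comes back clean, while the legacy host is flagged for an unexpected SSH service, three version banners and ports that answer "closed" instead of being dropped.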


