RE: Pen-Test company network

["Hawkins, Ray (721)" <Ray.Hawkins () protiviti com>]

You may want to consider purchasing/using a methodology centric book
such as Gray Hat or HACK IT so you have a sense of accepted practice and
process.  This will also help support your position from a management
standpoint to include this as part of your standard information security
control environment.

Just my 2 cents

Ray Hawkins
Protiviti, Inc.
Security & Privacy Solutions
CISSP, CISM, CISA, PMP, ISO 17799 Specialist
Philadelphia, PA

-----Original Message-----
From: Krimsonline () gmail com [mailto:Krimsonline () gmail com] 
Sent: Tuesday, June 20, 2006 7:40 AM
To: pen-test () securityfocus com
Subject: Pen-Test company network

Hi ya all,

I won't to start pen-testing my own company's network, but I don't
really know where to start ... I've heard a lot of NMAP, IKE-SCAN,
ftester and so on and so on, but wher do you start ???

Any help is welcom.

Kind regards

------------------------------------------------------------------------
------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the
Analyst's 
Choice Award from eWeek. As attacks through web applications continue to
rise, 
you need to proactively protect your applications from hackers. Cenzic
has the 
most comprehensive solutions to meet your application security
penetration 
testing and vulnerability management needs. You have an option to go
with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service
can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm
your 
results from other product. Contact us at request () cenzic com for
details.
------------------------------------------------------------------------
------



NOTICE: Protiviti is a leading international provider of independent internal audit and business and technology risk 
consulting services. Protiviti is not licensed or registered as a public accounting firm and does not issue opinions on 
financial statements or offer attestation services.  This electronic mail message is intended exclusively for the 
individual or entity to which it is addressed. This message, together with any attachment, may contain confidential and 
privileged information. Any unauthorized review, use, print, retain, copy, disclosure or distribution is strictly 
prohibited. If you have received this message in error, please immediately advise the sender by reply email message to 
the sender and delete all copies of this message. Thank you
==============================================================================


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------