Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Pen Test of a ESX Server

From: "Mohr, James" <James.Mohr () ParkNicollet com>
Date: Thu, 16 Aug 2007 08:55:28 -0500
You could begin with the review procedures in the corresponding
checklist, (though you may have already thought of that since you are
testing against the STIG).  

http://iase.disa.mil/stigs/checklist/vmchklst-v2r12-APR06.doc

Good luck,
Jim 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of jfvanmeter () comcast net
Sent: Wednesday, August 15, 2007 10:01 AM
To: pen-test () securityfocus com
Subject: Pen Test of a ESX Server


 I have a assignment to complete a pen test of a ESX server and was
hoping to get some thoughts from everyone on how and what to test.  I
need to check to see if the server is configured in accordance with the
"Virtual Computing Security Technical Implementation Guide" Version 1,
release0.1

Thank You in advance

Take Care and Have Fun --John

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: