Penetration Testing mailing list archives
RE: Pen Test of a ESX Server
From: "Mohr, James" <James.Mohr () ParkNicollet com>
Date: Thu, 16 Aug 2007 08:55:28 -0500
You could begin with the review procedures in the corresponding checklist, (though you may have already thought of that since you are testing against the STIG). http://iase.disa.mil/stigs/checklist/vmchklst-v2r12-APR06.doc Good luck, Jim -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of jfvanmeter () comcast net Sent: Wednesday, August 15, 2007 10:01 AM To: pen-test () securityfocus com Subject: Pen Test of a ESX Server I have a assignment to complete a pen test of a ESX server and was hoping to get some thoughts from everyone on how and what to test. I need to check to see if the server is configured in accordance with the "Virtual Computing Security Technical Implementation Guide" Version 1, release0.1 Thank You in advance Take Care and Have Fun --John ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Pen Test of a ESX Server jfvanmeter (Aug 15)
- RE: Pen Test of a ESX Server Paul Melson (Aug 16)
- RE: Pen Test of a ESX Server Mohr, James (Aug 16)
- <Possible follow-ups>
- RE: Pen Test of a ESX Server jfvanmeter (Aug 16)
- RE: Pen Test of a ESX Server jfvanmeter (Aug 16)