Penetration Testing mailing list archives
Re: Pen Test success rate
From: jfvanmeter () comcast net
Date: Thu, 30 Aug 2007 06:47:55 +0000
Is that all that is outlined in the scope of the test? can I use social engineering and viruses/trojans? can I get phyical access to the site? can i leave a few usb drivers laying around? Am I allowed to DoS production machines? I would say if I am allowed to use social engineering and leave a few usb drives laying around the site that I can get in. take care and have fun --John -------------- Original message ---------------------- From: James Kelly <macubergeek () comcast net>
Given this scenario: Red team pen test from the Internet with no information or cooperation from IT staff. What would be a reasonable success rate of breaking in to say at least DMZ machines? Of internal hosts on private network? ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Pen Test success rate James Kelly (Aug 29)
- Re: Pen Test success rate Serg B. (Aug 30)
- Re: Pen Test success rate nnp (Aug 30)
- Re: Pen Test success rate Zion (Aug 30)
- <Possible follow-ups>
- Re: Pen Test success rate jfvanmeter (Aug 30)
- Re: Pen Test success rate krymson (Aug 31)