Penetration Testing mailing list archives

Re: Pen Test success rate

From: nnp <version5 () gmail com>
Date: Thu, 30 Aug 2007 10:26:53 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

There are far too many variables here to give anything besides a
complete guess. I'm going to say 42, purely because its a nice number.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: http://firegpg.tuxfamily.org

iD8DBQFG1o0NwWIBIgfLjmQRAm8sAJ9B4J0XVdiWY0gtDxEkHzNtpJ5GEQCeLHKy
ySIdsvpYt0urlZLRv9+q/6k=
=lnsi
-----END PGP SIGNATURE-----

On 8/29/07, James Kelly <macubergeek () comcast net> wrote:

Given this scenario: Red team pen test from the Internet with no
information or cooperation from IT staff.

What would be a reasonable success rate of breaking in to say at
least DMZ machines? Of internal hosts on private network?



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------



-- 
http://www.smashthestack.org
http://www.unprotectedhex.com

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Current thread:

Pen Test success rate James Kelly (Aug 29)
- Re: Pen Test success rate Serg B. (Aug 30)
- Re: Pen Test success rate nnp (Aug 30)
- Re: Pen Test success rate Zion (Aug 30)
- <Possible follow-ups>
- Re: Pen Test success rate jfvanmeter (Aug 30)
- Re: Pen Test success rate krymson (Aug 31)