Penetration Testing mailing list archives
Re: rose fragmentation attack
From: "Jay" <jay.tomas () infosecguru com>
Date: Wed, 27 Jun 2007 14:39:29 -0400
DoS could very well be part of a penetration test. It just depends on whether you have permission from the client. It is important to understand every vector that may be used to attack the infrastructure. Customarily this would be a test environment that mirrors production that would not impact their clients if it was taken offline. Its better they know they are susceptable to DoS in a penetration test vs. when their site is offline for hours/days when a botnet comes a knocking. Jay ----- Original Message ----- From: Justin Ferguson [mailto:jnferguson () gmail com] To: pen-test () securityfocus com Sent: Wed, 27 Jun 2007 08:25:31 -0700 Subject: Re: rose fragmentation attack i apologize to everyone whose time i wasted with their helping me, but i was curious, The rose attack was a DoS, and I cannot recall a single penetration test where DoS was in scope, which should make one question the legitimacy of my request, however that didn't happen (i got a lot of pretty helpful replies) So really, whats the difference between what I asked and what this guy asked?
--- Nikolaj <lorddoskias () gmail com> wrote:Anyone has some first-hand info about this exploitation toolkit? Or any info where it can be bought?Kishore Penetration Tester Smart Security T.Nagar , Chennai Phone: 91 98841 80767
------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
------------------------------------------------------------------------ This List Sponsored by: Cenzic Swap Out your SPI or Watchfire app sec solution for Cenzic's robust, accurate risk assessment and management solution FREE - limited Time Offer http://www.cenzic.com/wf-spi ------------------------------------------------------------------------
Current thread:
- rose fragmentation attack Justin Ferguson (Jun 26)
- Re: rose fragmentation attack siddkantroo (Jun 27)
- <Possible follow-ups>
- Re: rose fragmentation attack eladexposed (Jun 27)
- RE: rose fragmentation attack Jay (Jun 27)
- Re: rose fragmentation attack Justin Ferguson (Jun 27)
- Re: rose fragmentation attack Roland Dobbins (Jun 27)
- Re: rose fragmentation attack Justin Ferguson (Jun 27)
- Re: rose fragmentation attack Jay (Jun 27)
- Re: rose fragmentation attack Jay (Jun 27)
- Re: rose fragmentation attack Justin Ferguson (Jun 27)