Penetration Testing mailing list archives
RE: VOIP Pen TEST
From: "John Babio" <jbabio () po-box esu edu>
Date: Mon, 26 Nov 2007 15:24:49 -0500
I know that cain has the ability so sniff VoIP. What brand VoIP equipment are you testing? -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of harshad.mengle () wipro com Sent: Monday, November 26, 2007 12:33 AM To: pen-test () securityfocus com Subject: VOIP Pen TEST Hi All: I am looking for a Information on VOIP Pen Test. If anybody has worked on it. Pls share his experience. Regards, Harshad -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Gleb Paharenko Sent: Sunday, November 25, 2007 4:23 PM To: Attari Attari Cc: pen-test () securityfocus com Subject: Re: Pen Test Success Factors Hi. The question seems be deeply related to "what is security?". In my opinion there is an important factor except vulnerabilities - information disclosure about network topology, versions of installed software which are discovered using black box testing. In case information leaks were not found, you can show your methodology of security testing, checklists. For each application you can define the vector of possible attacks and methods how to check if an application is vulnerable. Checklists for hardening software also show that system is secure enough. 2007/11/21, Attari Attari <c70n3 () yahoo co in>:
Hi List, For a client to evaluate success of a pen test what would go down as Key Success Factors. I spoke to one client and he opined that more issues a pen tester finds the more successful it is for them and highlights the quality of tester. They also feel that if tester has found few or no vulnerabilities, the testers are simply no good. I know majority of testers on this list would disagree with this, and right so. In such a case what we as testers could communicate acceptable success
factors to the client, in priority order?
Clone
Save all your chat conversations. Find them online at
http://in.messenger.yahoo.com/webmessengerpromo.php
----------------------------------------------------------------------
--
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
----------------------------------------------------------------------
--
-- Best regards. Gleb Pakharenko. ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------ The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Pen Test Success Factors Attari Attari (Nov 24)
- Re: Pen Test Success Factors Gleb Paharenko (Nov 25)
- VOIP Pen TEST harshad.mengle (Nov 26)
- Re: VOIP Pen TEST Elad Shapira (Nov 27)
- RE: VOIP Pen TEST John Babio (Nov 27)
- RE: VOIP Pen TEST harshad.mengle (Nov 27)
- RE: VOIP Pen TEST John Babio (Nov 27)
- VOIP Pen TEST harshad.mengle (Nov 26)
- Re: Pen Test Success Factors Gleb Paharenko (Nov 25)