Penetration Testing mailing list archives

Re: Tools to use for Penetration Testing?


From: "J. Oquendo" <sil () infiltrated net>
Date: Sat, 13 Sep 2008 14:44:44 -0500

On Sat, 13 Sep 2008, Shenk, Jerry A wrote:

> Most tools from 2004 will still work...some links might be a problem but
> the tools work.  Don't get too excited about "wasting time" on old
> tools.  There are still a LOT of old holes.  You need the new stuff too
> but you'd better catch the old stuff.

I need to fix my car, therefore I will go into Sears
purchase every single automotive related tool, take
my car apart, hope to understand what I'm doing,
then attempt to put it back together. Can anyone
tell me which tools I can buy to undergo this task?

Downloading tools means nothing if you don't fully
understand what it is you are doing. Take the time
to learn the protocols, how things work, learn how
intercommunications work before attempting to just
download every tool you can find.

Penetration testing is not always a science and not
always an art. There is a lot of information to be
understood. So you go and download all these tools
for what? Would you understand how to glean info
from a packet capture? Would you understand the
difference between networks, servers, protocols?

My suggestion would be to begin reading into the
OSI layers then moving on to RFCs. I'd start with
networking since without a network, there would be
no compromise. Local machine with login, sure, but
there could be no hacks pulled off on the LAN side
since there is no connectivity.

Understand how processes communicate with each
other, how and why things happen. It's easier down
the road to understand what is going on in terms
of security. One doesn't need uber tools if one
knows what they're doing from the protocol level
on up.

Suggestion: Learn networking, learn systems, learn
protocols otherwise you end up devaluing the works
of others not to mention yourself. A monkey can be
trained to run a tool and most tools out there are
that simple. Understanding the entire range of
what you are doing is better in the long run. Think
about it: if I hired you to perform a pentest on
my network and you couldn't explain to me what it
is you intend on looking for, how it works in my
network, what functions my vulnerabilities perform,
why I should remove these functions, I'd sit back
in my desk and think the script kiddiot in you.

Too many (quote) professional pentesters have been
taking this attitude: "I use Cenzic!@$" that it
makes me wonder where this industry is headed. It
also makes me think about how many vulnerabilities
unclued pentesters can bring into an environment.


-- 
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA, SGFE, CNDA, CHFI, OSCP

"A good district attorney can indict a ham sandwich
if he wants to ... The accusations harm as much as
the convictions ... they're obviously harmful or it
wouldn't be news..." - John Carter

wget -qO - www.infiltrated.net/sig|perl

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x3AC173DB

