Home page logo

basics logo Security Basics mailing list archives

RE: Vulnerability Assessment Checklists?
From: Random Task <rand0m_t4sk () yahoo com>
Date: Thu, 4 Dec 2003 11:53:42 -0800 (PST)

I've been reviewing this recently, as I am in a similar situation to
Kim (though I am paid and work with more experienced guys.) So far it
seems fairly logical, but I'm not very far through it. I would like
to know this, though: of those pen-testers out there who follow the
OSSTMM, either strictly or loosely, has it helped your performance?
Has it helped you to catch items you would/might have otherwise
missed? Have you seen it worthwhile to become a member of ISECOM? Why
or why not?


random task

(Lachlan, sorry for that lone direct reply...*grumbles at reply
functionality for the list*)

--- "McGill, Lachlan" <mcgilll1 () anz com> wrote:
Try the following link for the Open Source Security Testing
Methodology manual:


-----Original Message-----
From: Kim Clark [mailto:kclark20001 () hotmail com]
Sent: Tuesday, 2 December 2003 9:46 AM
To: security-basics () securityfocus com
Subject: Vulnerability Assessment Checklists?


I've finished my Security+, and am almost through my Security
Network Professional training.

I'm looking for some basic tips and resources (checklists or
templates?) to 
do some vulnerability assessments because I just went  to  donate
services at a nonprofit job fair and got plenty of responses.

Since I've never evaluated the security posture of a company before
I could 
use some resources on how to best get started. They run the gamut
from P2P 
to WANs. Of course, I want to give them some value while gaining
experience for my resume.

Thanks in advance,

Kim Clark

Need a shot of Hank Williams or Patsy Cline?  The classic country
stars are 
always singing on MSN Radio Plus.  Try one month free!  





Do you Yahoo!?
Free Pop-Up Blocker - Get it now


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]