Stealthy scans can be unreliable on noisy networks. If the customer
wants a 'stealthy' scan to stimulate IDS then fine, but I would confirm
the actual security of a system with a full scan.
To 'simulate' a real attack is very hard purely from a time
perspective: potential intruders have a great deal of time to scan
networks stealthily; there is relatively little time on an average
pentest.
I think there is a distinct difference between a security/services
assessment and a detection/response assessment that comes under the
umbrella of a pentest but would require different scan techniques.
regards,
Nathan.
--
N.Catlow_at_eris.dera.gov.uk | All opinions | IT Security, DERA,
| are my own and | WWB009, St Andrews Rd,
| not DERA's | Malvern, Worcs, England.
*I'd love to give my 0.02 worth - Have you got change for a dollar?*
Received on Nov 14 2000