mailing list archives
[PEN-TEST] Noisy ou stealthy ?
From: Nicolas Gregoire <nicolas.gregoire () 7THZONE COM>
Date: Wed, 8 Nov 2000 17:16:55 +0100
just a question about methodology.
When you are doing some pen-tests, do you use the noisy way (full port
range scan, lot of scanning for cgi whitout IDS evasion techniques,
brute force attacks on FTP) or the sthealthy one ?
I think that the noisy way is easiest (just schedule a Nessus scan , a
whisker scan and an ISS scan for the night, read the results and attack)
but can't really test the efficacity of corporate defenses.
The stealthy way is more time-consuming, but more funny ....
So, what's your method ?
- [PEN-TEST] Noisy ou stealthy ? Nicolas Gregoire (Nov 09)