mailing list archives
Re: [PEN-TEST] Noisy/stealthy ?
From: N Catlow <n.catlow () ERIS DERA GOV UK>
Date: Mon, 13 Nov 2000 12:17:25 +0000
Stealthy scans can be unreliable on noisy networks, if the customer
wants a 'stealthy' scan to stimulate IDS then fine but I would confirm
the actual security of a system with a full scan.
To 'simulate' a real attack is very hard purely from a time
perspective potential intruders have a great deal of time to scan
networks stealthily, there is relatively little time on an average
I think there is a distinct difference between a security/services
assessment and a detection/response assessment that comes under the
umbrella of a pentest but would require different scan techniques.
N.Catlow () eris dera gov uk | All opinions | IT Security, DERA,
| are my own and | WWB009, St Andrews Rd,
| not DERA's | Malvern, Worcs, England.
*I'd love to give my 0.02 worth - Have you got change for a dollar?*