mailing list archives
Re: [PEN-TEST] First step of a pen-test
From: "Teicher, Mark" <mark.teicher () NETWORKICE COM>
Date: Tue, 19 Sep 2000 09:29:14 -0700
Let's start over again.
If you are given the network domain name, one can start putting
together an initial network footprint.
ARIN database http://www.arin.net/whois/
Securities and Exchange Commission (SEC) http://www.sec.gov/
WHOIS database http://www.networksolutions.com
PhoneSweep by Sandstorm http://www.sandstorm.net
Network Mapper (Nmap) http://www.insecure.org/nmap
CyberCop Scanner 5.5 by NAI http://www.nai.com
Internet Scanner by ISS http://www.iss.net
WebTrends Security Analyzer by WebTrends http://www.webtrends.com
At 02:38 PM 9/18/00 -0400, Christopher M. Bergeron wrote:
What is the industry norm for _beginning_ a pen-test after the contract
has been made? Would one first map the network? Try to war-dial the
exchange for possible remote (pcAnywhere, etc.) access machines? VRFY
email addresses to look for user logins? Is it typical to ask for
information about the network (i.e. network architecture) beforehand, or do
most pen-tests start "blindly" and do the network reconnaissance?
Thanks to anyone who addresses even one of my many questions.
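The footprinting step Mark describes (registry/WHOIS lookups, then DNS, then a port scan of what you found) can be scripted so that the output of the first two feeds the third. The script below is an added example written for this archive page, not code from either poster or from any of the tools listed. It parses WHOIS and dig output into netblocks and hostnames, separates hosts that sit inside the client's own allocations from hosts that resolve elsewhere (third-party hosting you may not be authorised to touch), and builds the nmap command for the in-scope ranges. The WHOIS and dig text embedded in it is constructed sample data in the documentation ranges, so the script runs offline; the `live_footprint` helper assumes `whois` and `dig` binaries are on PATH.

```python
"""Initial network footprint from a domain name (added example, not from the original post)."""
import ipaddress
import re
import shutil
import subprocess

# Constructed sample in the shape of an ARIN WHOIS record (not a real query result).
SAMPLE_WHOIS = """\
NetRange:       192.0.2.0 - 192.0.2.255
CIDR:           192.0.2.0/24
NetName:        EXAMPLE-NET
"""

# Constructed sample in the shape of `dig +noall +answer` output for a few records.
SAMPLE_DIG = """\
example.test.      3600  IN  NS   ns1.example.test.
example.test.      3600  IN  MX   10 mail.example.test.
www.example.test.  3600  IN  A    192.0.2.10
mail.example.test. 3600  IN  A    192.0.2.25
ns1.example.test.  3600  IN  A    198.51.100.5
"""


def netblocks_from_whois(text):
    """Return the CIDR blocks in a WHOIS record: explicit CIDR lines plus NetRange pairs."""
    blocks = set()
    for m in re.finditer(r"^CIDR:\s+(\S.*)$", text, re.M):
        for cidr in m.group(1).split(","):
            blocks.add(ipaddress.ip_network(cidr.strip(), strict=False))
    for m in re.finditer(r"^NetRange:\s+(\S+)\s*-\s*(\S+)", text, re.M):
        first, last = ipaddress.ip_address(m.group(1)), ipaddress.ip_address(m.group(2))
        blocks.update(ipaddress.summarize_address_range(first, last))
    return sorted(blocks)


def records_from_dig(text):
    """Parse dig answer lines into (name, rrtype, rdata-fields) tuples; skip anything malformed."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 5 or parts[2] != "IN":
            continue
        records.append((parts[0].rstrip("."), parts[3], parts[4:]))
    return records


def footprint(domain, whois_text, dig_text):
    """Combine registry and DNS data: which A records fall inside the client's own netblocks."""
    blocks = netblocks_from_whois(whois_text)
    in_scope, out_of_scope = {}, {}
    for name, rrtype, rdata in records_from_dig(dig_text):
        if rrtype != "A":
            continue
        ip = ipaddress.ip_address(rdata[0])
        target = in_scope if any(ip in b for b in blocks) else out_of_scope
        target[name] = str(ip)
    return {
        "domain": domain,
        "netblocks": [str(b) for b in blocks],
        "in_scope": in_scope,          # hosts inside the client's allocations
        "out_of_scope": out_of_scope,  # hosted elsewhere: confirm authorisation before scanning
    }


def nmap_command(fp):
    """Build the port-scan command for the netblocks only, never for out-of-scope hosts."""
    return ["nmap", "-sS", "-p", "1-1024", "-oG", f"{fp['domain']}.gnmap", *fp["netblocks"]]


def live_footprint(domain):
    """Run real whois/dig if they are installed (assumption: both binaries are on PATH)."""
    if not (shutil.which("whois") and shutil.which("dig")):
        raise RuntimeError("whois and dig are required for a live lookup")
    whois_text = subprocess.run(["whois", domain], capture_output=True, text=True).stdout
    dig_text = ""
    for rrtype in ("NS", "MX", "A"):
        dig_text += subprocess.run(["dig", "+noall", "+answer", domain, rrtype],
                                   capture_output=True, text=True).stdout
    return footprint(domain, whois_text, dig_text)


if __name__ == "__main__":
    fp = footprint("example.test", SAMPLE_WHOIS, SAMPLE_DIG)
    print(fp)
    print(" ".join(nmap_command(fp)))
```

Running it on the sample data lists 192.0.2.0/24 as the client's block, puts www and mail in scope, and flags ns1 (198.51.100.5) as resolving outside the allocation, which is exactly the kind of host to raise with the client before the scan starts rather than after.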