Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: RE: Sizing Pentest

RE: Sizing Pentest

From: Anup Singh <anup_at_ealcatraz.com>
Date: Wed, 4 Jul 2001 09:51:22 +0530

Hi

I was overwhelmed at the response i got out here. I must express my
gratitude.
The SAS70 doc is not available freely. U have to purchase it. INMO if you
are in the line of Auditing networks and Pen Testing, it would be a good
investment.

Regards

Anup

-----Original Message-----
From: Pybus, David [mailto:DPybus_at_colt-telecom.com]
Sent: Monday, July 02, 2001 1:19 PM
To: anup_at_ealcatraz.com
Subject: RE: Sizing Pentest

Is this document freely available and if so where can I get a copy.

Regards,
David Pybus

Security Engineer - Colt Internet

-----Original Message-----
From: Anup Singh [mailto:anup_at_ealcatraz.com]
Sent: 29 June 2001 09:08
To: 'Leonardo Loro'; 'Penetration Testing (E-mail)'
Subject: RE: Sizing Pentest

I think The pentest for a financial institution should conform to SAS 70
document for financial information security. Go thro the document.. you
should have a fair enuff idea..

regards

-----Original Message-----
From: Leonardo Loro [mailto:leoloro_at_microsoft.com]
Sent: Thursday, June 28, 2001 11:19 AM
To: Penetration Testing (E-mail)
Subject: Sizing Pentest

Hi all,

Which keypoints should be taken in account when sizing a pen test (for a
financial institution that wants to check the vulnerabilities of their
intranet systems vulnerability). Should it be charged x hour? X server?
X Deliverables?

Basically, they have 10 Sun 450e and 10 W2k servers on their intranet,
and a PIX in to work as a FW in front of them.

Thx,

Leo

----------------------------------------------------------------------------
----------

This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service
For more information on SecurityFocus' SIA service which automatically
alerts you to
the latest security vulnerabilities please see:

https://alerts.securityfocus.com/

**********************************************************************
COLT Telecommunications
Registered in England No. 2452736
Registered Office: Bishopsgate Court, 4 Norton Folgate, London E1 6DQ
Tel. 020 7390 3900

This message is subject to and does not create or vary any contractual
relationship between COLT Telecommunications, its subsidiaries or
affiliates ("COLT") and you. Internet communications are not secure
and therefore COLT does not accept legal responsibility for the
contents of this message. Any view or opinions expressed are those of
the author. The message is intended for the addressee only and its
contents and any attached files are strictly confidential. If you have
received it in error, please telephone the number above. Thank you.

**********************************************************************

--------------------------------------------------------------------------------------

This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service
For more information on SecurityFocus' SIA service which automatically alerts you to
the latest security vulnerabilities please see:

https://alerts.securityfocus.com/
Received on Jul 05 2001

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos