At Gridlocked we represent whitehat security professionals, our audits
basically involve either (or both) of the following:
* Network Security Assessment
* Penetration Testing
We explain the methods behind our Network Security Assesments - network
mapping, host identification, information gathering, service inspection,
network scanning,
protocol probing, host fingerprinting, vulnerability assessment, use of
top commercial security tools combined with various opensource and
private utilities.
Penetration Testing - We hand over our policy and then explain we take on
the attackers perspective at actively aiming to exploit and compromise the
security of the servers. Using known and unknown (un-disclosed ) bugs.
bugs and detail them with a full technical report listing:
.Vulnerability Name
.Problem Description
.Severity Rating
.Impact
.Patch/fix methodologies
.Suggestions/workarounds
Alot of people still don't understand the terms that well, even though we
usually explain to them the different terminology in the scene. In the end
it doesn't really matter to much for them, we are there to secure there
systems, secure there data and help secure the internet.
Paul Rathborn
IT Security Engineer/System Admin Gridlocked Networks
E-Mail: admin_at_gridlocked.net "Lock onto
Gridlocked.net"
--------------------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service
For more information on SecurityFocus' SIA service which automatically alerts you to
the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on Jul 07 2001
Intro
