Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: Re: Security Audit

Re: Security Audit

From: bacano <bacano_at_esoterica.pt>
Date: Mon, 17 Sep 2001 13:53:54 +0100

Lets try to put things the other way around, for dont get in to the exercise
in semantics that Don Bailey said, or refering ourselfs to a pen test as if
it was only running a scanner or identify one hole in one server to can
exploit it without seeing anything else.

Regarding http://uk.osstmm.org/osstmm.htm, what are the topics for a zero
knowledge pen test or what is called there an Unrestricted Test?

Network Surveying
Port Scanning
System Identification
Services Probing
Vulnerability Research and Testing
Application Testing
Firewall & ACL Testing and Review
Security Policy Review
Privacy Review
Intrusion Detection System (IDS) Testing
Document Grinding (Electronic Dumpster Diving)
Social Engineering
Trusted Systems Testing
Password Cracking
Denial of Service (DoS) Testing
Wireless Network Testing
PBX Testing

[ ]'s bacano

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on Sep 17 2001

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]