|
Penetration Testing
mailing list archives
Re: Info collection
From: Ali-Reza Anghaie <ali () packetknife com>
Date: Thu, 05 Aug 2004 22:57:08 -0400
On Wed, 2004-08-04 at 11:01, Jeff Gercken wrote:
I am attempting to refine my methods of evaluating servers and am
wondering what information you all gather during an assessment on
various platforms. These would be run on the target machines with
privileged accounts (root or administrator). They should be scriptable
& statically compiled or at least not have any unusual dependencies.
Examples:
Fport
Portqryv2
LADS
Dumpwin
Lsof
Netstat -an / -ln
Tiger
Hfnetchk
Msinfo32
Winmsd
It looks like you have a mix of platforms in the commands above. How
about other items (mixed platforms again) like:
MS Baseline Security Analyser
rpm -V (or other package integrity checkers)
find -perm (sticky bit, sgid, etc.)
tripwire
inzider
dumpsec (from hyena)
crontab information
startup/rc.d
*shrug* Depends on what you're trying to accomplish and log.
Cheers, -Ali
--
OpenPGP Key: 030E44E6
--
Was I helpful?: http://svcs.affero.net/rm.php?r=packetknife
--
May you do Good Magic with Perl. -- Larry Wall
Attachment:
signature.asc
Description: This is a digitally signed message part
 By Date 
By Thread
Current thread:
| 
Intro
