Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Auditing / Logging
From: Travis Schack <Travis () Vitalisec com>
Date: 13 Jan 2004 05:43:21 -0000

In-Reply-To: <Law9-OE46wLCVYl4maE00003f52 () hotmail com>

What software do you recommend for auditing / logging while performing
pen-test assessment.

I am interested in both network and application level.logging.

Thanks
-N

---------------------------------------------------------------------------
----------------------------------------------------------------------------



When I am testing, I capture all network traffic using TCPdump (in binary) and I use the script command to capture all 
terminal activity.  I also keep a separate record of all commands (using a spreadsheet, fairly high tech =) with time 
stamps and system IP address (if I am testing from multiple systems).  This allows myself or my client to search for 
specific activity in the binary TCPdump file.  I also keep all output files from all tools (if the tool allows it).

Travis Schack
Travis () Vitalisec com
Vitalisec, Inc.
www.Vitalisec.com
(720) 297-3300 

---------------------------------------------------------------------------
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault