Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: stuck with concepts...
From: "Benjamin Tomhave" <list-procurare () secureconsulting net>
Date: Mon, 24 Apr 2006 17:46:32 -0400

As much as it pains me to provide the reference, a book like Hacking Exposed
(currently in 5th ed.) provides the info you're needing.  Think of it as a
basic explainer in the process you're developing.  Probably can get a copy
at any old bookstore.
http://www.amazon.com/gp/product/0072260815/sr=8-2/qid=1145915107/ref=pd_bbs
_2/102-8873215-1096951?%5Fencoding=UTF8

---
Benjamin Tomhave, CISSP
falcon () secureconsulting net
http://falcon.secureconsulting.net/
http://www.linkedin.com/pub/0/622/964

"We must scrupulously guard the civil liberties of all
citizens, whatever their background. We must remember
that any oppression, any injustice, any hatred is a
wedge designed to attack our civilization."
-President Franklin Delano Roosevelt
 

-----Original Message-----
From: Joel Jose [mailto:joeljose420 () gmail com] 
Sent: Monday, April 24, 2006 1:22 AM
To: pen-test () securityfocus com
Subject: stuck with concepts...

people,
           i am facing a small conceptual difficulty in the 
project(ospttm.pbwiki.com). we need to do a reconnaisance of 
the target and prepare logistics for the attack, like mapping 
the target network.. etc but when we use nessus and 
metasploit, where do our efforts fit the picture?.. when we 
have correctly mapped the target network using 
firewalk,nmap,amap..etc . Ok the whois and dnsquery can give 
you target ip's to put in nessus, but what bout others?...

isthere a way to integrat our results with these automated 
tools?.. or the traditional method of using 
firewalk,nmap..etc has fallen down to current trends like nessus?

joel.
--
As soon as men decide that all means are permitted to fight 
an evil, then their good becomes indistinguishable from the 
evil that they set out to destroy.
                      - Christopher Dawson, The Judgment of Nations

--------------------------------------------------------------
----------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win 
the Analyst's Choice Award from eWeek. As attacks through web 
applications continue to rise, you need to proactively 
protect your applications from hackers. Cenzic has the most 
comprehensive solutions to meet your application security 
penetration testing and vulnerability management needs. You 
have an option to go with a managed service (Cenzic 
ClickToSecure) or an enterprise software (Cenzic Hailstorm). 
Download FREE whitepaper on how a managed service can help 
you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to 
confirm your results from other product. Contact us at 
request () cenzic com for details.
--------------------------------------------------------------
----------------




------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]