|
Penetration Testing
mailing list archives
Re: Small Network Pen Testing
From: Stefano Zanero <s.zanero () securenetwork it>
Date: Sat, 04 Nov 2006 14:28:00 +0100
Rocky wrote:
they wanted me to pen testing their network and i did
1) it is unethical to pen test a network you designed, because you
already know what you will find, you already know the internals, so what
kind of "penetration test" are you doing ?
using purely nmap.
2) Selling an nmap scan as a pen test is even worse than unethical.
Is there any simple and precise method for pen testing
small network?
This process is composed of 2 steps
1) evaluate if a penetration test is really needed (it sounds as it
probably isn't) and then
2) have your customer hire someone else than yourself, who can also in
fact do a penetration test
Sorry for the bluntness.
Stefano
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
| 
Intro
