Home page logo

pen-test logo Penetration Testing mailing list archives

Re: Internal pen-test
From: Ramiro Caire <ramiro.caire () gmail com>
Date: Wed, 02 Jul 2008 16:01:27 -0300

Hi Taras,

There are many things to check. Some things that springs to mind are:

- Access level on desktop PC
- Check the shares resources permissions
- Patch level on servers
- Wireless connections
- Sniffing
- Footprinting
- Physical security
- Internal ports on servers
- Check for unnecesary servers
- Unnecesary dial-up connections

And much more...

some useful links:


Taras P. Ivashchenko wrote:
Hello, everybody!

Is anybody made internal pen-tests?
What is the difference between external pen-test and internal?
As I think, in internal ARP spoofing, sniffing are possible, something more?

This list is sponsored by: Cenzic

Top 5 Common Mistakes in Securing Web Applications
Get 45 Min Video and PPT Slides


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]