Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Internal pen-test
From: Ramiro Caire <ramiro.caire () gmail com>
Date: Wed, 02 Jul 2008 16:01:27 -0300

Hi Taras,

There are many things to check. Some things that springs to mind are:

- Access level on desktop PC
- Check the shares resources permissions
- Patch level on servers
- Wireless connections
- Sniffing
- Footprinting
- Physical security
- Internal ports on servers
- Check for unnecesary servers
- Unnecesary dial-up connections

And much more...

some useful links:
http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html
http://www.penetration-testing.com/
http://www.securestate.com/Profiling/Pages/Internal-Pen-Test.aspx

Regards
Ramiro




Taras P. Ivashchenko wrote:
Hello, everybody!

Is anybody made internal pen-tests?
What is the difference between external pen-test and internal?
As I think, in internal ARP spoofing, sniffing are possible, something more?



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]