Penetration Testing: Re: LAMP and postfix-dovecot security

["Claudio \"BlackFire\" Criscione" <blackfireml () securenetwork it>]

[...]
>  shell, if only to improve my Linux knowledge. If I start using web
>  management interfaces, I won't really understand how things work and are
>  being secured/changed, I will only presume that they are. I never trusted
>  Windoze wizards because I did not know what they did underneath.
I can't but agree. It really depends on which kind of infrastructure you're 
managing, but if you are handling only a small amount of advanced users, go 
for the shell! :)

> I am testing in stages, ensuring each layer is securely configured before
>  adding a new layer. The pdf to which you link is very good, all the
>  information and more that I gathered from several sources is here all in
>  one place, I wish I had come across it sooner.
You're welcome ;-)


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------