From: baumgartner@oneconsult.com
Date: Sun Jun 11 2006 - 09:13:27 EDT
Hi,
Your idea of combining several functionalities is not so new. So called
vulnerability management tools and systems (e.g. SkyBox) combine assessment
tools like vulnerability scanners (e.g. Nessus, GFI Languard, Retina), port
and network scanners (e.g. Nmap) with security patching funcionality.
But the idea, to combine pen test tools with intrusion detection and
prevention is knew (as far as I know). But I would not combine such
functionalities because pen testing and IPS are following different
approaches. A pen test searches for all (technical) security weaknesses and
flaws in the target systems (configuration, firmware, os, applications,
services in use, patching level, etc.). An IDP/IPS analyses the network
traffic based on patterns.
I would recommend to take a look at the open source tools nmap
(www.nmap.org), nessus (www.nessus.org) and snort (www.snort.org) to have an
idea of the complexity of state of the art security scanners and ids/ids.
Maybe you might code a control cockpit for (open source) security scanners
and idp/ips.
Regards,
Christoph Baumgartner
--
OneConsult GmbH
IT Security & Strategic Consulting
Christoph Baumgartner
lic. oec. publ., OPST
CEO
Zürcherstrasse 73, 8800 Thalwil, Switzerland
Tel.: +41 43 443 52 52 - Fax: +41 43 443 52 62
baumgartner@oneconsult.com - www.oneconsult.com
mh_omair@yahoo.com writes:
> HEllo;
> By the way l I am new to this list.... iam final year student of computer science...my final year project is a penetration testing tool.. actually we are trying to merge capabilites of both pen test tool and IPS(not just providing testing but remedies too).. i donot know if i
> am thinking in wrong way....
> I donot know where to start...please tell me some suggestion and resources that can help me in my project...right now i need good basics and then advance concept... i believe if i can pentrate a system than it would be easy to close that doors for others.
>
> Waiting for poistive response.....
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
> Choice Award from eWeek. As attacks through web applications continue to rise,
> you need to proactively protect your applications from hackers. Cenzic has the
> most comprehensive solutions to meet your application security penetration
> testing and vulnerability management needs. You have an option to go with a
> managed service (Cenzic ClickToSecure) or an enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
> help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at request@cenzic.com for details.
> ------------------------------------------------------------------------------
>
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:04 EDT