From: Jürgen R. Plasser (plasser@hexagon.at)
Date: Tue Oct 03 2006 - 05:05:32 EDT
Jason Ross wrote:
> On 10/2/06, IndianZ <indianz@indianz.ch> wrote:
>> Hi there
>>
>> You can use open source tools:
>>
>> - logging packets with tcpdump (tcpdump -i ethX -nv -s0 -w FILE.pcap
>> -> additional you can use a net or host filter)
>> - console-logging with script (script FILE.txt -> Ctrl+D for exit and
>> save)
>> - pipe the output from testing tools into a txt-file (or use a script
>> with tee -a $log)
>
>
> additionally, metasploit has a logging module/feature which can be
> used when using that tool (see
> http://metasploit.com/projects/Framework/msf3/api/msfbase/classes/Msf/Logging.html)
>
>
> I also tend to use putty when on a windows platform, that application
> allows for logging to a file of all data, printable data only, and a
> few others. i usually configure it to use "&H_&Y-&M-&D_&T.log" which
> is 'putty' for "hostname_YYYY-MM-DD_HHMM.log" which i find a fairly
> useful naming convention.
I use putty a lot.
Usually I am taking all config files, output and logs from all tools,
but what I had in mind was a method to capture the "whole" process, not
only data flow. In my opinion screen recording seems to be a nice and
optional way to track the pentest visually.
First of all--and that's my standard procedure--it is necessary to
collect input/output/config data from all tools (and then md5), as many
of you wrote.
Thanks for the excellent feedback from all of you!
-- Jürgen R. Plasser ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:05 EDT