Some help on methodologies and reports

From: Nikolaj (lorddoskias@gmail.com)
Date: Wed Dec 27 2006 - 06:28:02 EST

• Next message: m.delibero@comcast.net: "Re: Some help on methodologies and reports"
• Previous message: R. DuFresne: "Re: Re: CISSP"
• Next in thread: m.delibero@comcast.net: "Re: Some help on methodologies and reports"
• Maybe reply: m.delibero@comcast.net: "Re: Some help on methodologies and reports"
• Maybe reply: Shenk, Jerry A: "RE: Some help on methodologies and reports"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I would like to ask a few question concerning some aspects of
penetration testing.

A friend setup a little lan to mimic an ISP. He has different services -
ranging from mysql to nagios etc. I was able to penetrate one of the
server which let me to another and so forth. Eg. I penetrated his
network. Now I want to create a legit report, so that it looks like a
real one. Can you give me links or some hints on what should one such
report include? Maybe there are drafts somewhere.

I feel that what I did was more plain hacking than just pen testing.
What are the differences between them, except the business relationship.

Regards.

• Next message: m.delibero@comcast.net: "Re: Some help on methodologies and reports"
• Previous message: R. DuFresne: "Re: Re: CISSP"
• Next in thread: m.delibero@comcast.net: "Re: Some help on methodologies and reports"
• Maybe reply: m.delibero@comcast.net: "Re: Some help on methodologies and reports"
• Maybe reply: Shenk, Jerry A: "RE: Some help on methodologies and reports"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:30 EDT