RE: Pen-Testing Windows from Solaris

From: Aleksander P. Czarnowski (alekc@avet.com.pl)
Date: Mon May 12 2003 - 18:00:28 EDT

• Next message: SecuredSite: "Re: Auto-Run CD - Disabling Screensavers"
• Previous message: Ballowe, Charles: "RE: Pen-Testing Windows from Solaris"
• In reply to: peter.king: "Pen-Testing Windows from Solaris"
• Next in thread: Bojan Zdrnja: "RE: Pen-Testing Windows from Solaris"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi,
You definitively need to install nmap together with C compiler, Perl and Python to run some exploits for IIS for example. There are also Perl scripts for netbios shares enumeration etc. However I really can't imagine an effective pen-test process of MS SQL without MS SQL tools. Active Directory and MS RPC can be quite tricky to pen-test from Solaris too (no ResKit tools). If you can tap into LAN network, than definitively install a sniffer, you can get away with snoop but I would strongly recommend tool like dsniff but I don't know if it can be compiled cleanly under Solaris.
Cheers,
Aleksander Czarnowski
AVET INS

---------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does.
Plug your security holes.
Download a free 15-day trial of VAM:
http://www.securityfocus.com/StillSecure-pen-test
----------------------------------------------------------------------------

• Next message: SecuredSite: "Re: Auto-Run CD - Disabling Screensavers"
• Previous message: Ballowe, Charles: "RE: Pen-Testing Windows from Solaris"
• In reply to: peter.king: "Pen-Testing Windows from Solaris"
• Next in thread: Bojan Zdrnja: "RE: Pen-Testing Windows from Solaris"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:33 EDT