From: harshad.mengle@wipro.com
Date: Mon Nov 26 2007 - 00:32:41 EST
Hi All:
I am looking for a Information on VOIP Pen Test. If anybody has worked
on it.
Pls share his experience.
Regards,
Harshad
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of Gleb Paharenko
Sent: Sunday, November 25, 2007 4:23 PM
To: Attari Attari
Cc: pen-test@securityfocus.com
Subject: Re: Pen Test Success Factors
Hi.
The question seems be deeply related to "what is security?".
In my opinion there is an important factor except vulnerabilities -
information disclosure about network topology, versions of installed
software which are discovered using black box testing.
In case information leaks were not found, you can show your methodology
of security testing, checklists. For each application you can define the
vector of possible attacks and methods how to check if an application is
vulnerable. Checklists for hardening software also show that system is
secure enough.
2007/11/21, Attari Attari <c70n3@yahoo.co.in>:
> Hi List,
>
> For a client to evaluate success of a pen test what would go down as
> Key Success Factors. I spoke to one client and he opined that more
> issues a pen tester finds the more successful it is for them and
> highlights the quality of tester. They also feel that if tester has
> found few or no vulnerabilities, the testers are simply no good. I
> know majority of testers on this list would disagree with this, and
> right so.
>
> In such a case what we as testers could communicate acceptable success
> factors to the client, in priority order?
>
> Clone
>
>
> Save all your chat conversations. Find them online at
> http://in.messenger.yahoo.com/webmessengerpromo.php
>
>
> ----------------------------------------------------------------------
> --
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ----------------------------------------------------------------------
> --
>
>
-- Best regards. Gleb Pakharenko. ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------ The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:13 EDT