From: Thomas Kerbl (thomas.kerbl@fh-hagenberg.at)
Date: Thu Mar 04 2004 - 13:08:43 EST
Hello list,
I'm currently doing some research for my thesis on penetration testing
methods. Therefor I'm looking for widely used standards in this area.
Here a collection of what I've already found:
* OSSTMM - Open Source Security Testing Methodology Manual
* Durchfuehrungskonzept fuer Penetrationstests (BSI - Germany)
* NIST Guideline on Network Security Testing (special publ. 800-42)
I tried (additional to google search) to find further standards in RFC
repositories, the IEEE publication database, CERT, the ITIL website and
of course the securityfocus archive. I couldn't find much usefull
information on the penetration-test topic. Of course there are many
great security ressources, but not exactly the information I was looking
for.
Can anyone point me to other standards for penetration testing? If there
are any other "must-read" papers (like ISO17799 for example) out there,
they are also welcome. I can make use of english and german documents.
tia,
Thomas Kerbl
-- ~ FH-Hagenberg: Computer & Media Security ~ http://cms.fh-hagenberg.at ~ my GPG key ID: 0x924042D1 --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:49 EDT