RE: Penetration testing scope/outline

From: Tate Hansen (tate@ClearNetSec.com)
Date: Wed Oct 06 2004 - 18:10:00 EDT

• Next message: bianco@jlab.org: "Zaurus audit tools"
• Previous message: Ola: "Re: Pentesting 3COM"
• In reply to: Billy Dodson: "Penetration testing scope/outline"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I ran across these publications in an ISSEP seminar; the first link covers a
lot of publications addressing all things security, the second contains
specific details on security audits/penetration testing.

Try:
http://csrc.nist.gov/publications/nistpubs/

Specifically:
http://csrc.nist.gov/publications/nistpubs/800-42/NIST-SP800-42.pdf
-Tate

-----Original Message-----
From: Billy Dodson [mailto:CraftedPacket@securitynerds.org]
Sent: Tuesday, October 05, 2004 8:45 AM
To: pen-test@securityfocus.com
Subject: Penetration testing scope/outline

Anyone have any documents they are willing to share on the scope of work for
a pen-test? I have looked online but was unable to find any available
documentation. If anyone could provide me with a some links or
documentation outlining a pen-test/network audit it would be greatly
appreciated.

----------------------------------------------------------------------------

--
Internet Security Systems. - Keeping You Ahead of the Threat
When business losses are measured in seconds, Internet threats must be
stopped before they impact your network. To learn how Internet Security
Systems keeps organizations ahead of the threat with preemptive intrusion
prevention, download the new whitepaper, Defining the Rules of Preemptive
Protection, and end your reliance on reactive security technology. 
http://www.securityfocus.com/sponsor/ISS_pen-test_041001
----------------------------------------------------------------------------
---
------------------------------------------------------------------------------
Internet Security Systems. - Keeping You Ahead of the Threat
When business losses are measured in seconds, Internet threats must be stopped before they impact your network. To learn how Internet Security Systems keeps organizations ahead of the threat with preemptive intrusion prevention, download the new whitepaper, Defining the Rules of Preemptive Protection, and end your reliance on reactive security technology. 
http://www.securityfocus.com/sponsor/ISS_pen-test_041001
-------------------------------------------------------------------------------

• Next message: bianco@jlab.org: "Zaurus audit tools"
• Previous message: Ola: "Re: Pentesting 3COM"
• In reply to: Billy Dodson: "Penetration testing scope/outline"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:07 EDT