From: Omar Prunera Dols (oprunera@salleURL.edu)
Date: Thu Oct 28 2004 - 11:13:08 EDT
Hi all,
I totally agree with Todd with his definition of pen-testing (Pen-test is
like controlled hacking...), but when he says that there's no "exactly how
to do it manual", i would say that's not 100% correct. Have your ever
heard about OSSTMM?. This is the Open Source Security Testing Methodology
Manual, and is not a "how to do manual" but is a good guideline to perform
correctly a security test.
I recommend you to take a look at http://isecom.org and to the OSSTMM
See you
On Tue, 26 Oct 2004, Todd Towles wrote:
> Run over to insecure.org and look at all the tools. Pen-test is like
> controlled hacking...there is no "exactly how to do it manual" and to
> tell you the truth, there really shouldn't be one.
>
> Read, read read....and then..do do do in a controlled world. Reading
> everything in sight can get you to the door with the information but
> only "doing" can step you into the other room.
>
> > -----Original Message-----
> > From: Profeta [mailto:profetago@bol.com.br]
> > Sent: Tuesday, October 26, 2004 10:31 AM
> > To: pen-test@securityfocus.com
> > Subject: An idiot question
> >
> > Is there some sites that given an arsenal of tools to realize
> > pen tests ? I know that www.packetstormsecurity.nl is a good
> > start, but, there is another site that is more expecific to
> > download some tools ? Thanks the attention!
> >
> > Pr0ph3t
> >
> > --------------------------------------------------------------
> > ----------------
> > Internet Security Systems. - Keeping You Ahead of the Threat
> >
> > When business losses are measured in seconds, Internet
> > threats must be stopped before they impact your network. To
> > learn how Internet Security Systems keeps organizations ahead
> > of the threat with preemptive intrusion prevention, download
> > the new whitepaper, Defining the Rules of Preemptive
> > Protection, and end your reliance on reactive security technology.
> >
> > http://www.securityfocus.com/sponsor/ISS_pen-test_041001
> > --------------------------------------------------------------
> > -----------------
> >
> >
>
> ------------------------------------------------------------------------------
> Internet Security Systems. - Keeping You Ahead of the Threat
>
> When business losses are measured in seconds, Internet threats must be stopped before they impact your network. To learn how Internet Security Systems keeps organizations ahead of the threat with preemptive intrusion prevention, download the new whitepaper, Defining the Rules of Preemptive Protection, and end your reliance on reactive security technology.
>
> http://www.securityfocus.com/sponsor/ISS_pen-test_041001
> -------------------------------------------------------------------------------
>
>
Sincerely,
-omar.
Omar Prunera i Dols
Networking Dept. - Security Area
Enginyeria i Arquitectura La Salle
Homepage: http://omar.squarespace.com
E-mail: oprunera@salleurl.edu
omar@isecom.org
omar@ideahamster.org
oprunera@gmail.com
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:08 EDT