From: Saint Anthony (saintpatrick@xasamail.com)
Date: Sat Jul 16 2005 - 11:35:52 EDT
This includes the selection of utilities and so on.
- Anthony Towry
Student
sauger@pre2post.com wrote:
> Hi list,
>
> I recently sent this email on the security-basics list, and
> afterwards discovered this list. I thought I'd repost it, since
> this is probably the best place for it.
>
> A quick couple of questions out of curiosity...
>
> 1) If you had to do a pen-test, what type of information would
> you need to begin with? External IP? Web site name?
> Anything else I'm forgetting?
> 2) What tools would you use for the pen-test? Nessus, Snort,
> Cain&Abel. Anything else that would be useful?
> 3) Any good docs on where to start? I can find my way around
> once I'm in, but it's the first step that's the problem.
> 4) Any templates on good contracts to cover myself?
>
> This pen-test will probably be for a network, but also for a web
> site that's hosted elsewhere. Both the network's and the hosing
> site's owners are aware and ready to sign off on it, so I'm
> pretty much aware of the legal ramifications, which is why I'd
> love to see some contract templates. I'll be backed up by
> others, but would still like the info on how to start so I can
> prepare.
>
> Thanks everyone!
>
> Stephane
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:35 EDT