From: jalvare7@cajastur.es
Date: Mon Feb 06 2006 - 03:45:19 EST
Simply, sure!
Conceptually you're trying to discover the vulnerabilities of an
environment and show the possible magnitude of an attack on them. If you
find a password on a postít, or get the administrator to read a forged
mail with a tojan in it... Those are all exploits of a vulnerable system,
and there are controls needed to protect againts them, so you are supposed
to report them.
Regards
Juan Alvarez
Hi
In yuor opinion, can a Social Engineering test be considered part of a
Pen-Test?
Thanks
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before
hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:27 EDT