Re: Penetration test of 1 IP address

From: thomas springer (tuevsec@gmx.net)
Date: Thu Feb 09 2006 - 14:43:29 EST

• Next message: dork@gmx.at: "Re: sql injection: url or form based?"
• Previous message: Butler, Theodore: "RE: Spyware assessment techniques"
• In reply to: Clemens, Dan: "RE: Penetration test of 1 IP address"
• Next in thread: Beau Mersereau: "RE: Penetration test of 1 IP address"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

If asking only for a webserver-asessment, dan's posting is the best i
saw until now.

Clemens, Dan wrote:

>Its not about using the right tools, its about asking the right
>questions.
>
>You could use a whole sleth of tools on some server, but if your using
>the wrong tools for the wrong problem you won't get anything back and
>you will in turn give your client the wrong impression of security when
>you told them you haven't found anything.
>
>
Roelof Temmingh from Sensepost once told me about penetration-testing:
"To understand the process we need to have done it many times. If you
cannot write the process down on paper you probably don’t understand it
completely."
I like the this statement.

Roelof wrote it down and made nice diagrams about the steps:
Footprinting - Fingerprinting - Targeting - Vulnerability discovery -
Penetration Testing.

Having a look at his presentation on
http://www.sensepost.com/restricted/BH2005-lv.pdf is worth it (you'll
have to register, but its free). While I personally find that the
mentioned tool does it's work usually slower and less accurate than i
do, i think the the flowchart on page 22 represents almost every
detailled step of a pentest. (I even did a second version of this chart
for myself to cover plain webapplication testing.)

You might find, that its useful to do some foot- and fingerprinting to
be able to ask the right questions afterwards. The mentioned
presentation is a great primer.

thomas

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: dork@gmx.at: "Re: sql injection: url or form based?"
• Previous message: Butler, Theodore: "RE: Spyware assessment techniques"
• In reply to: Clemens, Dan: "RE: Penetration test of 1 IP address"
• Next in thread: Beau Mersereau: "RE: Penetration test of 1 IP address"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:29 EDT