From: Benjamin Tomhave (list-procurare@secureconsulting.net)
Date: Mon Apr 24 2006 - 17:46:32 EDT
As much as it pains me to provide the reference, a book like Hacking Exposed
(currently in 5th ed.) provides the info you're needing. Think of it as a
basic explainer in the process you're developing. Probably can get a copy
at any old bookstore.
http://www.amazon.com/gp/product/0072260815/sr=8-2/qid=1145915107/ref=pd_bbs
_2/102-8873215-1096951?%5Fencoding=UTF8
--- Benjamin Tomhave, CISSP falcon@secureconsulting.net http://falcon.secureconsulting.net/ http://www.linkedin.com/pub/0/622/964 "We must scrupulously guard the civil liberties of all citizens, whatever their background. We must remember that any oppression, any injustice, any hatred is a wedge designed to attack our civilization." -President Franklin Delano Roosevelt > -----Original Message----- > From: Joel Jose [mailto:joeljose420@gmail.com] > Sent: Monday, April 24, 2006 1:22 AM > To: pen-test@securityfocus.com > Subject: stuck with concepts... > > people, > i am facing a small conceptual difficulty in the > project(ospttm.pbwiki.com). we need to do a reconnaisance of > the target and prepare logistics for the attack, like mapping > the target network.. etc but when we use nessus and > metasploit, where do our efforts fit the picture?.. when we > have correctly mapped the target network using > firewalk,nmap,amap..etc . Ok the whois and dnsquery can give > you target ip's to put in nessus, but what bout others?... > > isthere a way to integrat our results with these automated > tools?.. or the traditional method of using > firewalk,nmap..etc has fallen down to current trends like nessus? > > joel. > -- > As soon as men decide that all means are permitted to fight > an evil, then their good becomes indistinguishable from the > evil that they set out to destroy. > - Christopher Dawson, The Judgment of Nations > > -------------------------------------------------------------- > ---------------- > This List Sponsored by: Cenzic > > Concerned about Web Application Security? > Why not go with the #1 solution - Cenzic, the only one to win > the Analyst's Choice Award from eWeek. As attacks through web > applications continue to rise, you need to proactively > protect your applications from hackers. Cenzic has the most > comprehensive solutions to meet your application security > penetration testing and vulnerability management needs. You > have an option to go with a managed service (Cenzic > ClickToSecure) or an enterprise software (Cenzic Hailstorm). > Download FREE whitepaper on how a managed service can help > you: http://www.cenzic.com/news_events/wpappsec.php > And, now for a limited time we can do a FREE audit for you to > confirm your results from other product. Contact us at > request@cenzic.com for details. > -------------------------------------------------------------- > ---------------- > > ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request@cenzic.com for details. ------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:52 EDT