I found this article on governmentsecurity.org, found it interesting and informative, so here it is.
What a bunch of useless crap.
"Blind penetration tests": part symptom of bad information security management, part euphemism for l33t h4x0rz wet dream.
Think about it, what use is a "blind penetration test"? For any company wishing to run a pen test, they should define what to test and the expected results beforehand. The testing team should have a high level of knowledge (on a need-to-know basis of course, with considerations of a separation of duties, otherwise you may be asking for trouble, especially if you are a pen test service provider) of the targeted system; this ensures the most efficient (read fastest and least expensive) audit but the most comprehensive.
cheers,
catch
Indeed. What penetration test? They're only doing some basic noninvasive recon stuff. The only "active" part of this document is the traceroute/nmap. Big deal :rolleyes: Any serious security professional should be able to do this blindfolded ;)
Just as an FYI, I spoke with GSecur and he wanted me to pass on that the document was never completed. (one of those "intended to but real life interfered"). I think, however, that a blind penetration test may have some value to find those things you don't know about or wouldn't think about. If all tests are done by those who know how things work, then they know what to expect or where to look.
If, however, it's done by someone who doesn't know, they will look and poke in more places and may find things that were overlooked by those who are used to the existing system.
Just my take/opinion.
MsM: That's the reason why you should never test your own stuff. You know how it's built and will test along the same lines. Testing should be done by someone who has absolutely no idea on how you did it or how it works.
Reiteration
- Glossary of Computer Security Terms
Quote:
penetration testing:
The portion of security testing in which the evaluators attempt to circumvent the security features of a system. The evaluators may be assumed to use all system design and implementation documentation, which may include listings of system source code, manuals, and circuit diagrams. The evaluators work under the same constraints applied to ordinary users.
http://www.radium.ncsc.mil/tpep/libr...CSC-TG-004.pdf
cheers,
catch
Gsecur hasn't impressed me with anything that I could label as 'legitimate' yet.
This document only adds to that opinion (or lack thereof). To be honest, I think it's like choosing to reinvent the wheel when there is no good reason to. catch said it, it's a skiddie circle-jerk disguised as a "white paper".
I do these for a living. This is *NOT* how you go about it, and continue to offer this service as a legitimate, trusted company.
I partly disagree, here is why. You are right about knowing your own system and knowing what security issues you may or may not have. But also knowing or not knowing would give you more time to search in other areas of your computer for vulnerabilities. If you know that you are very secure with exploits of certain programs, the next best thing is to try to find other ways into your system and patch up.
Quote:
Originally posted here by SirDice
MsM: That's the reason why you should never test your own stuff. You know how it's built and will test along the same lines. Testing should be done by someone who has absolutely no idea on how you did it or how it works.
You should always take a second opinion, so to speak, about your workings, in case you miss something. But someone has to test these things on a computer before commencing to reach out over a network and trying it on someone else.
I agree that you should always get a second opinion on your work. Sometimes people get too close to their projects and lose that objective point of view you need. It's not on purpose, but it is much easier for you to look and see how something -should- work, but ignore how it is -actually- working.