Rather interesting page...
http://www.vulnerabilityassessment.c...on%20Test.html
Kinda hard to see on my small laptop screen but seems rather broad in all the things you can do during a pen test.
Wow...what a great link..
Thanks MsM
MLF
That's pretty slick....now if I only had my plotter......
Awesome! Thanks much for providing the link MsM. :D
This may actually help in a discussion we are having here. Someone in our audit organization has suggested that we (internal Audit) start performing "sample penetration testing" and rely on tests from our internal IT security organization as part of our sampling. Does that seem feasible? Objective? Logical? Let me know if I need to clarify.
Thanks again MsM!
Yes...it is a really nice list of the steps to perform a pen test or self audit
...for newbs in security...like me :p
MLF
Wow, that site's rich. So much software, so little time. It begs the question, where does one start?
Is it better to learn a basic set of security apps well, or throw yourself into ALL these ass't apps? Am I correct in assuming a pentest this extensive is conducted by a team of individuals?
Also note the absence of "Cain & Abel".
edit -- no "ettercap" either.
Hey Hey,
I'd have to say that while I'm partially impressed with the effort that went into this and the fact that it's centralized some information... I'm not overly impressed with the quality...
Many of the steps listed are redundant... you'll be gathering the information for yourself time and time again... Some of the utilities in question are rather useless...
Generally when you are performing a penetration test only one person knows of it.... The person who has authorized it... The remainder of the company is in the dark... part of the reason for this is that one of the things you want to see is how well your IT Staff identifies incoming threats and handles them... How they respond...
If anyone ever hired a pen-test company to run a brute force attempt... I'd have to question them... an internal audit may test password complexity but a brute force... it ain't going to happen... Connecting to a server to grab the banner and then connecting again to use it... If their IDS watches for repeated connections to the same service all you are doing is bumping the counters up as the data has to only be returned once... When you connect to a service to use it.. the banner is returned.. even if you don't see it... That's what a sniffer is for... To see what is returned that you don't normally see..
and p0f... I couldn't imagine waiting to passively fingerprint hosts once you're inside... and you'd have to already be inside the network... generally... especially in companies... you can determine the device type and sometimes OS by the naming convention and there are less obvious ways to do it... Or you could send out a few ICMPs and watch the responses... ICMPs are part of regular traffic quite often and would be much quicker to determine the hosts..
Brokencrow: You're an interesting character... for someone who throws themselves around as a security heavyweight quite often in many other threads your questions show little to no knowledge... but you would never perform everything on this pentest chart... brute forcing wouldn't be done.. and a number of other things would not be done... as for the tools... it's a very small subset of what I consider "standard" tools... grab them all and play with them... no need to learn a basic set and move on.. they all do different things... You'll find practically all of these... and many more available on the Backtrack CD.... grab it and play...
Peace,
HT
Interesting viewpoint HT. Before they officially move pen testing out of our department, I wanted to update our program, and was curious to know what you would change on the layout from the link MsM provided? I have gone over various material here already on AO, and I also look to ISACA, SANS and a list of other resources, but I am always open to learn more. To badger a cliche, "I find the more I learn, the more I don't know." TIA.
I still have to question the move my department is making with this. At this point, and I could be having my own personal issue here, but having IT pen test IT seems to be a conflict of interest. And for me and my cohorts needing to rely on those pen test results, I question the objectivity of it. Also, and believe me, I am not an expert, but it has taken years to develop us to cover the breadth of our enterprise, and I know these resources do not exist now in security, how will they handle this? However, as I stated, that could just be my own interests coming into play.
MsM - please continue to share as well if you find more information on pen testing! Thanks!
Very well said HTRegz.
good!
This schema is the nearest to penetration web reality. So, do other methods or other software exist? The schema is good.
greetz