-
April 3rd, 2003, 04:47 PM
#1
methedology and tools for penetration testing
Ok, I'm not real sure where this post should go, so for now I'm just going to drop it in to the MS Security forum until someone points me to a better forum (I didn't think this really belonged in the newbie security forum and I don't see a real home for this type of question)
So here is the deal. My company has recently tasked me to do formal penetration testing of our network (both internal and external). I have never done this on a formal basis and was wondering if any of you had before. I'm looking for methedology, white papers and tool suggestions for this. I have done some googling on it but what I mostly find is companies that provide this service for a fee and unfortunately my company is being rather tight fisted at the moment and they don't want to pay someone from outside to do this.
I do have some of my own tools, but most of my time has been spent in the firewall world and some bit in IDS technologies. I have used, to a certian degree, stuff like Netcat, Retina, etc to scan and footprint, but I don't know if this is enough for them or not. They seem to want true penetration testing, and I have tried to explain to them I'm not really the guy they want for this and that they should hire someone from outside that does this for a living, but like I said they are fairly tight fisted about this whole thing and want to do it "in house" for some reason.
So, does anyone here have suggestions, comments, ideas, etc? TIA
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|