An Amateur Pen-Test

From: David Fuller (burchoff2000at_private)
Date: Thu Jun 21 2001 - 10:58:40 PDT

Next message: Alan Olsen: "Re: Penetration Test: TACACS"

Previous message: IUSR_MAIL: "Re: [Re: Linksys Pen Test]"
Next in thread: max: "Re: An Amateur Pen-Test"
Reply: max: "Re: An Amateur Pen-Test"
Reply: Damieon Stark: "Re: An Amateur Pen-Test"
Reply: Brown, Joel: "RE: An Amateur Pen-Test"
Reply: Jeff Magwood: "Re: An Amateur Pen-Test"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

My ISP has asked me to do a penetration test for them and I would like to
get an overview of what I should do short of running Nessus and banging on
there (IDS / Logs) door. I have gone over there network with a few scripts
and knowledge I have picked up from the list and Security Focus and I have
discovered all there class C address spaces, I have found two servers
vulnerable to a Unicode exploit and from there able to find out about a few
host sitting behind a ACL / Firewall. Is there anything else I should be
doing... like testing there firewall and seeing if I can scan the network
behind it.

David.


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

Next message: Alan Olsen: "Re: Penetration Test: TACACS"
Previous message: IUSR_MAIL: "Re: [Re: Linksys Pen Test]"
Next in thread: max: "Re: An Amateur Pen-Test"
Reply: max: "Re: An Amateur Pen-Test"
Reply: Damieon Stark: "Re: An Amateur Pen-Test"
Reply: Brown, Joel: "RE: An Amateur Pen-Test"
Reply: Jeff Magwood: "Re: An Amateur Pen-Test"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jun 22 2001 - 14:31:11 PDT