At Gridlocked we represent whitehat security professionals, our audits basically involve either (or both) of the following: * Network Security Assessment * Penetration Testing We explain the methods behind our Network Security Assesments - network mapping, host identification, information gathering, service inspection, network scanning, protocol probing, host fingerprinting, vulnerability assessment, use of top commercial security tools combined with various opensource and private utilities. Penetration Testing - We hand over our policy and then explain we take on the attackers perspective at actively aiming to exploit and compromise the security of the servers. Using known and unknown (un-disclosed ) bugs. bugs and detail them with a full technical report listing: .Vulnerability Name .Problem Description .Severity Rating .Impact .Patch/fix methodologies .Suggestions/workarounds Alot of people still don't understand the terms that well, even though we usually explain to them the different terminology in the scene. In the end it doesn't really matter to much for them, we are there to secure there systems, secure there data and help secure the internet. Paul Rathborn IT Security Engineer/System Admin Gridlocked Networks E-Mail: adminat_private "Lock onto Gridlocked.net" -------------------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Sat Jul 07 2001 - 10:06:24 PDT