Hi, You definitively need to install nmap together with C compiler, Perl and Python to run some exploits for IIS for example. There are also Perl scripts for netbios shares enumeration etc. However I really can't imagine an effective pen-test process of MS SQL without MS SQL tools. Active Directory and MS RPC can be quite tricky to pen-test from Solaris too (no ResKit tools). If you can tap into LAN network, than definitively install a sniffer, you can get away with snoop but I would strongly recommend tool like dsniff but I don't know if it can be compiled cleanly under Solaris. Cheers, Aleksander Czarnowski AVET INS --------------------------------------------------------------------------- Did you know that you have VNC running on your network? Your hacker does. Plug your security holes. Download a free 15-day trial of VAM: http://www.securityfocus.com/StillSecure-pen-test ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Mon May 12 2003 - 18:52:25 PDT