RE: Know such a web's server tool? -- huh

From: Bojan Zdrnja (Bojan.Zdrnjaat_private)
Date: Mon Jul 21 2003 - 16:12:57 PDT

  • Next message: autoscanat_private: "AutoScan - Exames de Vulnerabilidade de Seguranca Internet" 

    > -----Original Message-----
> From: Alvin Oga [mailto:alvin.secat_private-Consulting.com] 
> Sent: Sunday, 20 July 2003 5:59 p.m.
> To: Paul Vet
> Cc: MARTIN M. Bénoni; pen-testat_private
> Subject: RE: Know such a web's server tool? -- huh
> 
> okay.... i'll bite ...  why does everybody/somebody think that "pen-test"
> means to run a port scan w/ nmap/nessus .. etc ..

Exactly this is the reason why penetration testing isn't only running of
nmap/nessus/iss/whatever, but more important - interpretation of results and
additional steps taken.

Everyone can run tools, but only people who understand things can interpret
their results and find additional possible or existing security problems.

Regards,

Bojan Zdrnja


---------------------------------------------------------------------------
----------------------------------------------------------------------------

    This archive was generated by hypermail 2b30 : Tue Jul 22 2003 - 13:11:02 PDT