Re: Tool kit assembly

From: Dave Ryan (dave.ryan@eircom.net)
Date: 07/25/01 

Date: Wed, 25 Jul 2001 20:40:24 +0100
From: Dave Ryan <dave.ryan@eircom.net>
To: "Eric R. Van S***" <vans***@ods.ods.net>
Subject: Re: Tool kit assembly
Message-ID: <20010725204024.A10973@alpha.eng.eircom.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> It look's like I will need to do some penetration test for the organization
> I work for in the not-to-distant-future. The problem is, I do not really
> know where to begin as far as what programs would be appropriate. The
> organization I work for is currently just a Microsoft shop with very-few non
> MS services/programs made available to the masses.

If you are new to the penetration testing arena (seems you are) its best to
get an overview of what is entailed in real penetration tests. A good place to
start is the open source security testing methodology manual lcoated at::

http://www.ideahamster.org or http://uk.osstmm.org/osstmm.htm

This might be a bit too much information for a beginner but it is definitely
useful none the less. It should put things in perspective for you. At the end
of the day it comes down to understanding of the methodologies you choose to
employ and experience in doing so.

> And here begins my request... I was wondering if anyone on this list could
> give me recommendations of programs or websites that would be useful for
> someone (such as myself) who is creating a 'tool kit'. With the wide array
> of programs available, I'd like to avoid getting programs that are not up to
> par. commercial or non-commercial is fine.

The OSSTMM provides a listing of tools applicable to certain aspects of
performing a penetration test. Another useful source of consolidated tools is
located at:

http://www.networkintrusion.co.uk

Just to stress (as I am sure more followups will) a penetration test isn't
something as simple as running a few tools which are provided via open source
or indeed purchased from a commercial supplier. Still they are a good place to
start and will no doubt be useful as your own experience increases. I'm sure
some people will argue that an effective penetration test should be performed
by a "professional" in that area, everyone has to start somewhere (just make
sure that your company understands that much at least).

Good luck.

- --
Dave Ryan Computer Incident Response Team
dave.ryan@eircom.net Eircom Multimedia
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (OpenBSD)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjtfIKIACgkQHSjBCI+q2yIDGACfW1x4xeXy6b9ml1x8qk/PpLE7
DHUAnidPXMBsJXLYGDF0ihRKByVMUNVP
=8rQ3
-----END PGP SIGNATURE-----

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/