Re: Blind penetration testing

From: Ilici Ramirez (ilici_ramirez@yahoo.com)
Date: 10/03/01


Message-ID: <20011003121407.48623.qmail@web20803.mail.yahoo.com>
Date: Wed, 3 Oct 2001 05:14:07 -0700 (PDT)
From: Ilici Ramirez <ilici_ramirez@yahoo.com>
Subject: Re: Blind penetration testing 
To: pen-test@securityfocus.com

Some hints for reconnaissance only:

1. review content of their web pages, download them
locally
- look for names, emails, phone numbers, technologies
- search for scripts or asp included in html -
programming bugs, overflows, comments, etc.

2. search google and newsgroups for emails from the
company - they can discuss their security
problems

3. deep whois, dns interrogation - you will obtain
their addresses - try www.geektools.com

4. network reconnaissance - scanning - available
hosts, services, banners, OSes

good luck.

Ilici R
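
The page review in hint 1, seen from the site owner's side, as an added example that is not part of the original post: it lists what one locally saved page gives away (addresses, phone numbers, comments, script includes, technology banners, unrendered ASP/PHP) so it can be cleaned up before publication. The names `ExposureAudit`, `audit_page` and `SAMPLE` are hypothetical, and the sample page is constructed.

```python
import re
from html.parser import HTMLParser

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
PHONE_RE = re.compile(r"\+?\d[\d ().-]{7,}\d")
# Unrendered server-side code (classic ASP / PHP) that reached the client.
SERVER_CODE_RE = re.compile(r"<%.*?%>|<\?php.*?\?>", re.S)

class ExposureAudit(HTMLParser):
    # Assumption: the input is a copy of your own page, saved locally.
    def __init__(self):
        super().__init__()
        self.emails, self.phones = set(), set()
        self.comments, self.scripts, self.generators = [], [], []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "script" and a.get("src"):
            self.scripts.append(a["src"])            # included script files
        elif tag == "meta" and a.get("name", "").lower() == "generator":
            self.generators.append(a.get("content", ""))  # technology banner
        elif tag == "a" and a.get("href", "").lower().startswith("mailto:"):
            self.emails.add(a["href"][7:].split("?")[0])

    def handle_comment(self, data):
        self.comments.append(data.strip())           # developer notes left in HTML

    def handle_data(self, data):
        self.emails.update(EMAIL_RE.findall(data))
        self.phones.update(PHONE_RE.findall(data))

def audit_page(html):
    """Return everything one page exposes, grouped by kind."""
    parser = ExposureAudit()
    parser.feed(html)
    parser.close()
    return {
        "emails": sorted(parser.emails), "phones": sorted(parser.phones),
        "comments": parser.comments, "scripts": parser.scripts,
        "generators": parser.generators,
        "server_code": SERVER_CODE_RE.findall(html),  # scanned on the raw text
    }

# Constructed sample page, not taken from any real site.
SAMPLE = """<html><head><meta name="generator" content="ExampleCMS 1.0">
<script src="/js/menu.js"></script></head><body>
<!-- TODO: remove test login before launch -->
<p>Contact <a href="mailto:j.doe@example.com?subject=Hi">J. Doe</a>, +1 (555) 010-0199.</p>
<% Response.Write(Now()) %>
</body></html>"""
```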
