Re: resources for the pen-test team?

From: Allen Harper (harperaa@yahoo.com)
Date: 02/02/02

Previous message: Stephan Barnes: "RE: Dialup Banner Database?"
Maybe in reply to: yossarian: "Re: resources for the pen-test team?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Allen Harper" <harperaa@yahoo.com>
To: "Weaver, Woody" <woody.weaver@callisma.com>, <pen-test@securityfocus.com>
Date: Fri, 1 Feb 2002 19:27:25 -0800

VMware makes all the difference in the world. We have a lab with 10 boxes
or so, all with vmware, that way we can load many configurations and run
upwards of 50 virtual boxes at a time. Rarely, will you hit the glass
ceiling of vmware. Windows, try as hard as it does, is not a real operating
system. There are some issues with implementation of the TCP/IP stack. I
only had a problem one time, when running Hunt, it would not do an active
hijack with switch relay under vmware, other than that, it is the way to
go... By the way, the newest version (3.0) has robust network capability
with virtual DHCP and NAT you can set up virtual switches, hub, and
routers...neat.

allen
----- Original Message -----
From: "Weaver, Woody" <woody.weaver@callisma.com>
To: <pen-test@securityfocus.com>
Sent: Wednesday, January 30, 2002 5:39 AM
Subject: resources for the pen-test team?

> For those pen testers who are part of a commercial security team, how
large
> is your lab? What kind of support resources do you have? Or are you
pretty
> much on your own?
>
> --woody
>
>
> --------------------------------------------------------------------------

-- > This list is provided by the SecurityFocus Security Intelligence Alert (SIA) > Service. For more information on SecurityFocus' SIA service which > automatically alerts you to the latest security vulnerabilities please see: > https://alerts.securityfocus.com/

_________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com

---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/

Previous message: Stephan Barnes: "RE: Dialup Banner Database?"
Maybe in reply to: yossarian: "Re: resources for the pen-test team?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: Using Airsnort through vmware on Red Hat 7.1
... Using Airsnort through vmware on Red Hat 7.1 ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
(Pen-Test)
Re: Training Lab Question
... User Mode Linux might be a good alternative to VMWare, ... >> This list is provided by the SecurityFocus Security Intelligence ... For more information on SecurityFocus' SIA service which ... > automatically alerts you to the latest security vulnerabilities please see: ...
(Pen-Test)
Re: faster scans? (nmap)
... one host using nmap for syn scans in burst mode with the ... >>>This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
(Pen-Test)
Re: pen test help please asap
... > Machine A on client site makes a configurable encrypted OUTBOUND ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... This list is provided by the SecurityFocus Security Intelligence Alert ...
(Pen-Test)
Re: ettercap help
... Anyways have never tried Ettercap for VNC. ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... This list is provided by the SecurityFocus Security Intelligence Alert ...
(Pen-Test)