Re: honeypot in conjunction with pen test?

From: Mark Tinberg (tinberg@securepipe.com)
Date: 06/07/02


Date: Fri, 7 Jun 2002 07:03:10 -0500 (CDT)
From: Mark Tinberg <tinberg@securepipe.com>
To: Mike Riley <mike@akitanet.co.uk>

On Thu, 6 Jun 2002, Mike Riley wrote:

[snip]

> certainly isn't. It's not about getting in, it's about
> *auditing*.

If I may respectfully disagree, a pen-test *is* about getting in, and is
distinct from an audit. To me (and this may just be a semantic
difference) an audit is a completely different animal where the auditors
spend several weeks/months on-site going over the client's procedures and
network equipment with a fine-toothed comb, as well as interviewing the
admins. The report will contain things that should be tightened up as
well as places where the written policy differs from what is implemented
in the network hardware and where the admins differ from policy. It is
not something that can be done remotely, although it may involve a
pen-test for verification.

I may be confused (it's way past my bedtime 8^) but I think that there is
a general misunderstanding both in the minds of clients and sometimes in
the minds of the consultants about where the difference lies.

-- 
Mark Tinberg <MTinberg@securepipe.com>
Network Security Engineer, SecurePipe Inc.
Remember:  Wherever you go, there you are!
Key fingerprint = AF6B 0294 EE33 D802 F7A1  38A4 CF52 5FE0 7470 E5F7
