RE: Penetration testing scope/outline

• Previous message: Anders Thulin: "Re: Penetration testing scope/outline"
• In reply to: Billy Dodson: "Penetration testing scope/outline"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: <pen-test@securityfocus.com>
Date: Wed, 6 Oct 2004 16:10:00 -0600

I ran across these publications in an ISSEP seminar; the first link covers a
lot of publications addressing all things security, the second contains
specific details on security audits/penetration testing.

Try:
http://csrc.nist.gov/publications/nistpubs/

Specifically:
http://csrc.nist.gov/publications/nistpubs/800-42/NIST-SP800-42.pdf
-Tate

-----Original Message-----
From: Billy Dodson [mailto:CraftedPacket@securitynerds.org]
Sent: Tuesday, October 05, 2004 8:45 AM
To: pen-test@securityfocus.com
Subject: Penetration testing scope/outline

Anyone have any documents they are willing to share on the scope of work for
a pen-test? I have looked online but was unable to find any available
documentation. If anyone could provide me with a some links or
documentation outlining a pen-test/network audit it would be greatly
appreciated.

----------------------------------------------------------------------------

--
Internet Security Systems. - Keeping You Ahead of the Threat
When business losses are measured in seconds, Internet threats must be
stopped before they impact your network. To learn how Internet Security
Systems keeps organizations ahead of the threat with preemptive intrusion
prevention, download the new whitepaper, Defining the Rules of Preemptive
Protection, and end your reliance on reactive security technology. 
http://www.securityfocus.com/sponsor/ISS_pen-test_041001
----------------------------------------------------------------------------
---
------------------------------------------------------------------------------
Internet Security Systems. - Keeping You Ahead of the Threat
When business losses are measured in seconds, Internet threats must be stopped before they impact your network. To learn how Internet Security Systems keeps organizations ahead of the threat with preemptive intrusion prevention, download the new whitepaper, Defining the Rules of Preemptive Protection, and end your reliance on reactive security technology. 
http://www.securityfocus.com/sponsor/ISS_pen-test_041001
-------------------------------------------------------------------------------

• Previous message: Anders Thulin: "Re: Penetration testing scope/outline"
• In reply to: Billy Dodson: "Penetration testing scope/outline"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages MI5 Boss hints kiss goodbye to civil rights... ... "THE INTERNATIONAL TERRORIST THREAT AND THE DILEMMAS IN COUNTERING IT" ... I am delighted to be here to celebrate the 60th Birthday of the AIVD. ... The friendship between the AIVD and my Service, the British Security ... fascism then, by the time I met him, on countering terrorism. ... (soc.culture.scottish) Re: NDC-Al Gore invented being a hypocrite ... misuse terror threats to manipulate the public for political purposes. ... It said nothing about this particular instance, and it no way implies ... or suggests that this specific threat or the threat of terrorism in ... time of war or national unrest due to security issues. ... (rec.music.gdead) Re: Zaurus audit tools ... IT Technical Security Officer ... Internet Security Systems. ... To learn how Internet Security ... Systems keeps organizations ahead of the threat with preemptive ... (Pen-Test) Re: U.S. Embassy Warning Of Possible Terror Attack On 4-5 Star Hotels in China ... November 9 Threat Message Retracted ... The Chinese Ministry of Public Security informed the U.S. Embassy in Beijing ... (rec.travel.asia) Re: (NFL) Government Doubts Threat on 7 NFL Stadiums ... explosives at a parkin lot near a College football game. ... Wednesday by government security officials. ... stadium owners were alerted "out of an abundance of caution." ... FBI spokesman Richard Kolko said the threat was "questionable" and was ... (rec.sport.pro-wrestling)