RE: Penetration testing scope/outline

From: Tate Hansen (tate_at_ClearNetSec.com)
Date: 10/07/04

  • Next message: robert_at_dyadsecurity.com: "Re: Penetration testing scope/outline"
    To: <pen-test@securityfocus.com>
    Date: Wed, 6 Oct 2004 16:10:00 -0600
    
    

    I ran across these publications in an ISSEP seminar; the first link covers a
    lot of publications addressing all things security, the second contains
    specific details on security audits/penetration testing.

    Try:
    http://csrc.nist.gov/publications/nistpubs/

    Specifically:
    http://csrc.nist.gov/publications/nistpubs/800-42/NIST-SP800-42.pdf
    -Tate

    -----Original Message-----
    From: Billy Dodson [mailto:CraftedPacket@securitynerds.org]
    Sent: Tuesday, October 05, 2004 8:45 AM
    To: pen-test@securityfocus.com
    Subject: Penetration testing scope/outline

    Anyone have any documents they are willing to share on the scope of work for
    a pen-test? I have looked online but was unable to find any available
    documentation. If anyone could provide me with a some links or
    documentation outlining a pen-test/network audit it would be greatly
    appreciated.

    ----------------------------------------------------------------------------

    --
    Internet Security Systems. - Keeping You Ahead of the Threat
    When business losses are measured in seconds, Internet threats must be
    stopped before they impact your network. To learn how Internet Security
    Systems keeps organizations ahead of the threat with preemptive intrusion
    prevention, download the new whitepaper, Defining the Rules of Preemptive
    Protection, and end your reliance on reactive security technology. 
    http://www.securityfocus.com/sponsor/ISS_pen-test_041001
    ----------------------------------------------------------------------------
    ---
    ------------------------------------------------------------------------------
    Internet Security Systems. - Keeping You Ahead of the Threat
    When business losses are measured in seconds, Internet threats must be stopped before they impact your network. To learn how Internet Security Systems keeps organizations ahead of the threat with preemptive intrusion prevention, download the new whitepaper, Defining the Rules of Preemptive Protection, and end your reliance on reactive security technology. 
    http://www.securityfocus.com/sponsor/ISS_pen-test_041001
    -------------------------------------------------------------------------------
    

  • Next message: robert_at_dyadsecurity.com: "Re: Penetration testing scope/outline"