RE: Class on Security Tools

From: Mike Bailey (gnetic_at_charter.net)
Date: 12/16/04

  • Next message: Harshul Nayak: "RE: Research on penetration testing?" 
    To: "'Joe Traband'" <jtraband@itstechnologies.com>, <pen-test@securityfocus.com>
Date: Wed, 15 Dec 2004 22:33:40 -0500

    Although more of scanner, Cain from Oxid.it could be demonstrated as a
    passive attack tool / active data collector.

    Ettercap is something else that would work nicely for the class.

    Since you're going to demo Metasploit you could also toss in a basic demo or
    talk about Ollydbg and explain the shellcoding process.

    > -----Original Message-----
    > From: Joe Traband [mailto:jtraband@itstechnologies.com]
    > Sent: Tuesday, December 14, 2004 1:49 PM
    > To: pen-test@securityfocus.com
    > Subject: Class on Security Tools
    >
    > I am helping teach a class to the ISSA of Northwest Ohio,
    > here in Toledo. The next class will be the second part of a
    > series on security tools. Last class we went over scanning
    > tools such as nmap, NetStumbler, nikto, and a couple others.
    >
    > This next class will be focused on attack tools. We were
    > planning on presenting Metasploit, EBCD for password changes,
    > and a couple other tools. My question is - what (free) tools
    > should we give a brief overview of? The class is technical,
    > mostly comprised of IT directors and the like. Most are not
    > dedicated security staffers, but rather have that as part of
    > their job responsibility. We don't have to go in depth, but
    > we are demonstrating on a network we have built for this purpose.
    >
    > Next month we will be doing remediation/protection tools. I
    > was thinking about showing Snort, Tripwire, Microsoft
    > Baseline Security Analyzer, and a couple others. Any ideas on that?
    >
    > Thanks in advance,
    > Joe Traband
    > jtraband@itscomputersolutions.com
    >

  • Next message: Harshul Nayak: "RE: Research on penetration testing?"