RE: Using viruses in pen-test
- From: <lists@xxxxxxxxxxxxxx>
- Date: Wed, 11 Oct 2006 16:50:54 -0400
Use the EICAR test files (http://www.eicar.org/). Innocuous payloads
recognized by all AV manufacturers. A "standard" test pattern, just like
real virus patterns.
Check out the web site for more info
kev
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On
Behalf Of neo anderson
Sent: Wednesday, October 11, 2006 3:08 AM
To: pen-test@xxxxxxxxxxxxxxxxx
Subject: Using viruses in pen-test
Hi List,
I wish to know your views on "Using viruses in pen-test"I
I've been working in the infosec domain for over 2 years with a couple
of infosec certs including CEH and conducting pen-tests for my clients
for about a year.
My recent client has hired me for carrying out "every possible" type
of pen test.
This includes testing organizations defence mechanism against viruses
as well, this includes to test whether anti-virus administrators have
up-to-date virus definitions etc. I'm supposed to gather this
information by means of thorough penetration tests only.
As we all are aware that how the viruses (worms/trojans included)
enter into the corporate network propagate over LAN. There are many
ways like email attachments or infected content brought in by
employee.It spreads on itself thereafter.
Now my question:
Is there any standard procedure to test the posture of organizations
network security against potential virus threats? I mean i wish to
know about pen-test carried out against Antivirus-product. In order to
replicate itself, a virus must be permitted to execute code and/or
write to memory. Thus this pen-test should also tests that.
And do I need to use some known viruses for this kind of pen-test?
Have your thoughts on this topic please.
Thanking you all.
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000
0008bOW
------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
- References:
- Using viruses in pen-test
- From: neo anderson
- Using viruses in pen-test
- Prev by Date: Social Engineering Data set
- Next by Date: Re: Frontpage - root directory not password protected
- Previous by thread: Using viruses in pen-test
- Next by thread: Re: Using viruses in pen-test
- Index(es):
Relevant Pages
|
