VOIP Pen TEST
- From: <harshad.mengle@xxxxxxxxx>
- Date: Mon, 26 Nov 2007 11:02:41 +0530
Hi All:
I am looking for a Information on VOIP Pen Test. If anybody has worked
on it.
Pls share his experience.
Regards,
Harshad
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of Gleb Paharenko
Sent: Sunday, November 25, 2007 4:23 PM
To: Attari Attari
Cc: pen-test@xxxxxxxxxxxxxxxxx
Subject: Re: Pen Test Success Factors
Hi.
The question seems be deeply related to "what is security?".
In my opinion there is an important factor except vulnerabilities -
information disclosure about network topology, versions of installed
software which are discovered using black box testing.
In case information leaks were not found, you can show your methodology
of security testing, checklists. For each application you can define the
vector of possible attacks and methods how to check if an application is
vulnerable. Checklists for hardening software also show that system is
secure enough.
2007/11/21, Attari Attari <c70n3@xxxxxxxxxxx>:
Hi List,
For a client to evaluate success of a pen test what would go down as
Key Success Factors. I spoke to one client and he opined that more
issues a pen tester finds the more successful it is for them and
highlights the quality of tester. They also feel that if tester has
found few or no vulnerabilities, the testers are simply no good. I
know majority of testers on this list would disagree with this, and
right so.
In such a case what we as testers could communicate acceptable success
factors to the client, in priority order?
Clone
Save all your chat conversations. Find them online at
http://in.messenger.yahoo.com/webmessengerpromo.php
----------------------------------------------------------------------
--
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
----------------------------------------------------------------------
--
--
Best regards.
Gleb Pakharenko.
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.
www.wipro.com
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
- Follow-Ups:
- RE: VOIP Pen TEST
- From: John Babio
- Re: VOIP Pen TEST
- From: Elad Shapira
- RE: VOIP Pen TEST
- References:
- Pen Test Success Factors
- From: Attari Attari
- Re: Pen Test Success Factors
- From: Gleb Paharenko
- Pen Test Success Factors
- Prev by Date: Re: RE: Oracle SQL Injection vulnerability
- Next by Date: Inguma 0.0.6 Released
- Previous by thread: Re: Pen Test Success Factors
- Next by thread: Re: VOIP Pen TEST
- Index(es):
Relevant Pages
|
|
