pen test v2.0

From: Mehmet Buyukozer (
Date: 09/18/03

  • Next message: Dan Codespoti: "RE: New RPC exploit for the latest RPC vulnerability"
    To: <>
    Date: Thu, 18 Sep 2003 13:24:05 -0700

    Dear friends;

    i really thank you for your help. Somebody told me that i should search on
    the internet than ask a question in this group. Firstly i wanted to answer
    this question explicitly, i am already doing so. The aim behind asking
    question here was to learn the opinions of experts like you. Secondly i will
    try to explain the situation. Our customer wanted us to scan their computers
    which are open to internet. they wanted to see if some real hackers try to
    hack and what could be the results. So ids or firewall logs don't matter
    very much at first sight. anyway we used:


    I know something about pen test. I mean i am already familiar with the pen
    test , but wanted to learn deeply. and the answers and links that you gave
    helped really much.

    At the end of our test, we find only the HTTP open to the internet and they
    already patched very well.How did we understand this? we tried many known
    exploits and also add to the reports that some known vulnerabilites but
    havent written an exploit for it, and advice them to follow the patch.
    We used NMAP for OS detection and find they are using W2K with SP2, and IIS
    5.0, at the beginning we couldnt ping but then tried to tracert, we got
    answer and finally we add all these stuff to VA.

    If you have some further question or advice about our survey, i really want
    to hear them.

    Thanx in advance

    Captus Networks
    Are you prepared for the next Sobig & Blaster?
     - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
     - Precisely Define and Implement Network Security
     - Automatically Control P2P, IM and Spam Traffic
    FIND OUT NOW - FREE Vulnerability Assessment Toolkit

  • Next message: Dan Codespoti: "RE: New RPC exploit for the latest RPC vulnerability"

    Relevant Pages

    • Re: dialer pops!!
      ... If I download spyware blaster, will that solve my current dilema? ... Sure do appreciate your help and advice. ... >> I have xp pro on my computer and high speed cable internet, ...
    • Re: 100% CPU Usage?
      ... I run the 5 spyware killer ... >If you don't wish to follow all of the advice ... a "Windows" operating ... >You should also empty your Internet Explorer Temporary ...
    • Re: Recommends for spy software remover?
      ... Here a book on "Defense and Detection Worms" in the internet section: ... >> What are some good, free, spyware remover programs that don't add ... It contains advice ... You should at least turn on the built in firewall. ...
    • Re: Best way to force a JComponent to repaint itself
      ... I have made it clear to him that I have no interest in any of his so-called "advice"; regardless of its content, its method of delivery renders it completely unpalatable. ... This is completely unacceptable behavior, not to mention that it flagrantly violates the newsgroup's charter, and therefore his internet service provider will shortly be notified of his behavior, which likely violates their Terms of Service. ... I never claimed that a superclass could not be a source of documentation about a subclass. ...
    • Re: question about the new service pack 2
      ... What is the rational of decreasing the size of the temporary internet storage ... It contains advice ... It may help speed up your system, but it should be clean ... You should at least turn on the built in firewall. ...