Re: network auditing
From: Ansgar -59cobalt- Wiechers (bugtraq_at_planetcobalt.net)
Date: 10/16/03
- Previous message: Ansgar -59cobalt- Wiechers: "Re: Alternatives to sftp?"
- In reply to: cc: "Re: network auditing"
- Next in thread: Meidinger Chris: "RE: network auditing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 16 Oct 2003 11:59:10 +0200 To: Security Basics <security-basics@securityfocus.com>
On 2003-10-15 cc@belfordhk.com wrote:
> Hagen, Eric wrote:
>
> > Well, being the network administrator, it would be impossible for
> > you to "black box" test the network. However, any penetration
> > testing you employ would be "crystal box" type tests.
>
> Unless I do it at home(which isn't practical at the moment due to me
> still using a dialup). But perhaps my understanding of this 'black
> box' test isn't that correct. Why do you say it's 'impossible'?
Black box testing means you know nothing about the system/network you
try to pen-test. Whenever you have some knowledge about a system or
network (e.g. being its administrator) it is no longer a black box to
you.
Regards
Ansgar Wiechers
---------------------------------------------------------------------------
FREE Whitepaper: Better Management for Network Security
Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console
Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015
----------------------------------------------------------------------------
- Previous message: Ansgar -59cobalt- Wiechers: "Re: Alternatives to sftp?"
- In reply to: cc: "Re: network auditing"
- Next in thread: Meidinger Chris: "RE: network auditing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
