[ Date Index ][
Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
Steve Marvell wrote:
On Thu, Jul 04, 2002 at 11:53:46AM +0100, Simon Waters wrote:I need some guinea pig networks to update my vulnerability assessment procedures against. Preference given to those unlikely ever to be able to pay for the service ;)You want someone to try and crack, you want someone to install some stuff to see if they've been cracked or you want someone to install some stuff whilst you try and crack them to see if it spots you?
No just Internet connections to scan, to assess vulnerabilities. People willing to provide feedback on reports (or sections of) would be useful as well. Not specifically interested in trying to exploit holes, just finding them, it is far easier to find and fix holes than try and exploit them, and far more useful. Not particularly bothered if people spot what I'm doing, although if you have a firewall and it doesn't alert you that something happened then maybe it is a tad lax in it's reporting. Where as if an IDS locks me out the reports are incomplete. Currently the scanning doesn't do much more than a port scan, and I've followed that up with a manual inspection of open ports for obvious information and other bits and pieces. I want to build up the scanning to attempt further probing of firewalled networks. I still haven't settled on all the free tools I'll be using for this either. And some of my scripts need improving, so they produce more presentable output. Simon, feeling the need to get back to some proper work. -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.