Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: eBanking Security Testing (network and application) Methodology Rele

from [Yuri Demchenko] Network Security [Permanent Link]
Subject: Re: eBanking Security Testing (network and application) Methodology Released
Date: Mon, 07 Mar 2005 10:39:54 +0100
cbc wrote:
> Hi All,
>
> Be careful on the whitepapers in this website. They
> are from specific vendors and not from third
> independant party. The words they used are skewed
> towards the spec of their product. Be intelligent
> folks!!
>
In contrary, I would say rather few good words in address of this whitepaper together with some remarks.

Actually it's a good overview of some tools and techniques for general network diagnostics that can be used for security testing and post-incident investigation for application specific _network_ infrastructure.

IMHO, the paper should be structured in another way to become more specific for ebanking whatever is understood under this term.

Checking picture links at http://www.ebankingsecurity.com/testing9.asp and other pages would be useful.

Regards,

Yuri

peter@ebankingsecurity.com wrote:

Hello

A new ebanking security testing methodology has been released on www.ebankingsecurity.com which covers both applications and generic networks.

This work focuses on practical security testing approaches, and is different from other work in that it covers:

1. Basic Penetration Testing - the usual stuff here, pretty basic and entry level
2. Advanced Penetration Testing - this section goes into detail of advanced TCP/IP protocol and application level attacks, as well as having a ICMP security attacks section.
3. Web Application Testing - some useful stuff here, pretty basic I would say for most the list.

Above all the content is practical and relevant to todays ebanking and generic 
e-
transactions network.

There is an option on the site to download this as a PDF.

All comments and feedback are welcome. 

Peter Robinson
peter@ebankingsecurity.com
http://www.ebankingsecurity.com




[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Testing large networks, Dan Rogers
Next by Date:  Null Session, Wbsony
Previous by Thread:  eBanking Security Testing (network and application) Methodology Released, peter
Next by Thread:  Re: eBanking Security Testing (network and application) Methodology Released, cbc
Indexes:  [Date] [Thread] [Top] [All Lists]