As much as it pains me to provide the reference, a book like Hacking Exposed
(currently in 5th ed.) provides the info you're needing. Think of it as a
basic explainer in the process you're developing. Probably can get a copy
at any old bookstore.
http://www.amazon.com/gp/product/0072260815/sr=8-2/qid=1145915107/ref=pd_bbs
_2/102-8873215-1096951?%5Fencoding=UTF8
---
Benjamin Tomhave, CISSP
falcon@secureconsulting.net
http://falcon.secureconsulting.net/
http://www.linkedin.com/pub/0/622/964
"We must scrupulously guard the civil liberties of all
citizens, whatever their background. We must remember
that any oppression, any injustice, any hatred is a
wedge designed to attack our civilization."
-President Franklin Delano Roosevelt
-----Original Message-----
From: Joel Jose [mailto:joeljose420@gmail.com]
Sent: Monday, April 24, 2006 1:22 AM
To: pen-test@securityfocus.com
Subject: stuck with concepts...
people,
i am facing a small conceptual difficulty in the
project(ospttm.pbwiki.com). we need to do a reconnaisance of
the target and prepare logistics for the attack, like mapping
the target network.. etc but when we use nessus and
metasploit, where do our efforts fit the picture?.. when we
have correctly mapped the target network using
firewalk,nmap,amap..etc . Ok the whois and dnsquery can give
you target ip's to put in nessus, but what bout others?...
isthere a way to integrat our results with these automated
tools?.. or the traditional method of using
firewalk,nmap..etc has fallen down to current trends like nessus?
joel.
--
As soon as men decide that all means are permitted to fight
an evil, then their good becomes indistinguishable from the
evil that they set out to destroy.
- Christopher Dawson, The Judgment of Nations
--------------------------------------------------------------
----------------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win
the Analyst's Choice Award from eWeek. As attacks through web
applications continue to rise, you need to proactively
protect your applications from hackers. Cenzic has the most
comprehensive solutions to meet your application security
penetration testing and vulnerability management needs. You
have an option to go with a managed service (Cenzic
ClickToSecure) or an enterprise software (Cenzic Hailstorm).
Download FREE whitepaper on how a managed service can help
you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to
confirm your results from other product. Contact us at
request@cenzic.com for details.
--------------------------------------------------------------
----------------
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------
