Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: LAN pen test

from [mifa] Network Security [Permanent Link]
Subject: RE: LAN pen test
Date: Wed, 13 Dec 2006 16:57:44 -0600 
That is a great suggestion.  Why is snmp vulnerable before patching with the 
following?

Microsoft Security Bulletin MS06-074
Vulnerability in SNMP Could Allow Remote Code Execution (926247)


-----Original message-----
From: "Clemens, Dan" Dan.Clemens@healthsouth.com
Date: Thu, 07 Dec 2006 19:56:16 -0600
To: "Jerome Athias" jerome.athias@free.fr
Subject: RE: LAN pen test


Tacking on something to what Jerome's posting - 

Another perspective may be to try to get the list to focus more on 'why'
questions in contrast to 'how' questions. 

How questions are good, but why questions tend to lend information that
the end user could learn from. 


Can anyone point me to a resource that would help me gain access to an

xp machine that is running automatic updates (my vm).

If the computer is running automatic updates you will probably have to
have an unpublished vulnerability, or try to look for ways the computer
was setup by the administrator that may lend to remote access . (eg
default or null passwords etc).

ImmunitySec has a good resource for vulnerability sharing that isn't
shared with the public at large, but I doubt that is what you are
looking for.


 I cant seem to do it one the lan any way other than to use a trojan

and what would be to point of pen testing a system if the only way in is

 via trojan; thats standard seucrity, dont run programs from email,

blah blah blah...


What about installing a few different revisions of XP on your vmware
lab.
      XP SP0
      XP SP1
      XP SP2

Or organize your vm sessions by each monthly patch to test specific
vulnerabilities that you have exploits for.

- Daniel Clemens


-----------------------------------------
Confidentiality Notice: This e-mail communication and any
attachments may contain confidential and privileged information for
the use of the designated recipients named above. If you are not
the intended recipient, you are hereby notified that you have
received this communication in error and that any review,
disclosure, dissemination, distribution or copying of it or its
contents is prohibited. If you have received this communication in
error, please notify me immediately by replying to this message and
deleting it from your computer. Thank you.


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------




------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: PCI Compliance (Vulnerability Scans), Erin Carroll
Next by Date:  Re: Pen-testing - pricing model, Barry Fawthrop
Previous by Thread:  Re: LAN pen test, Nick
Next by Thread:  Re: Apache Tomcat penetration test, email-fulldisclosure
Indexes:  [Date] [Thread] [Top] [All Lists]