Re: LAN pen test

From: Jerome Athias (jerome.athias@free.fr)
Date: Tue Dec 05 2006 - 03:59:26 EST


Hi,

i see many people in these lists asking about "how to do this or that?"
related to a pentest
i would like to remember that the position of pentester is a fulltime
job (very technical), and so that there are sometimes things that you
won't do as "perfectly" as a professionnal/expert, and that sometimes
you will spend more time trying to do something or learning something
(time and money consumming) than by calling a pentester to do the job
for you...

btw i'm not a security professionnal

/JA

mifa@stangercorp.com a écrit :
> I have gone through the eh course and I still do not feel like I can really understand how to pen test. None of the exploits or methods seem to work on a updated xp machine. I set up a vm ware network to practice on. I can not seem to make any progress because the information I have is outdated.
>
> Can anyone point me to a resource that would help me gain access to an xp machine that is running automatic updates (my vm). I cant seem to do it one the lan any way other than to use a trojan and what would be to point of pen testing a system if the only way in is via trojan; thats standard seucrity, dont run programs from email, blah blah blah...

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:25 EDT