Since when?
If I'm auditing an intrusion detection system on my LAN, I would
consider that I'm penetration testing, not performing a vulnerability
assessment.
Regards,
John Martinelli
RedLevel.org Security
On Aug 8, 2007, at 2:04 AM, Nikhil Wagholikar wrote:
Hello Jure,
Performing scans from within target LAN is called Vulnerability
Assessment, and doing the same thing from other LAN or outside IP
Address/Addresses is called Penetration Testing.
I have clearly mentioned that the scenario is applicable for
Pen-Testing. Kindly suggest the same answer from Pen-Testing point of
view.
Thanks for your suggestion. This suggestion will be usefull for
Vulnerability Assessors.
---
Nikhil Wagholikar
Information Security Analyst
On 8/8/07, Jure Krasovic <jure.krasovic@lusp.com> wrote:
Nikhil Wagholikar pravi:
Hello List,
I need some suggestions and inputs from all Pen-testers around the
world on this issue.
Hello Nikhil,
if you are on the same LAN as machines you do pentest, you should try
arpping.
Regards
Jure
----------------------------------------------------------------------
--
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
----------------------------------------------------------------------
--
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
|