All: I recently spoke for the SNENUG (Southern New England Network Users Group) and gave a short presentation on penetration testing. I introduced the basic concepts, steps, phases, and components of a penetration test. You can download the slides below: Introduction To Penetration Testing Enjoy!
UPDATE: Fixed the broken link. Sorry! Today, Larry is speaking on an Infoworld Webcast on improving vulnerability management with penetration testing with John Pescatore from Gartner (yes, he did declare IDS dead), and Allan Paller from SANS. The Webcast takes place at 2PM EST, and pre-registration is required. If you would like to join in, […]
I stumbled across this great “living” document that I’m calling an “Anatomy of a Pentest”. It is a great visual representation of all the steps one should think about when performing a pentest, with all of the most handy command line switches. The author is taking feedback from the community on the document, and is updating […]
“…new tunneling support allows you to make a real VPN using OpenSSH without the need for any additional software. This goes well beyond the TCP port forwarding that we have supported for years – each end of a ssh connection that uses the new tunnel support gets a tun(4) interface which can pass packets between […]
“The Cisco 7920 Wireless IP Phone provides Voice Over IP service via IEEE 802.11b Wi-Fi networks and has a form-factor similar to a cordless phone. This product contains two vulnerabilities: The first vulnerability is an SNMP service with fixed community strings that allow remote users to read, write, and erase the configuration of an affected […]