|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Penetration Tests
Chuck Kenyon (chuck
npiww.com)
Fri, 26 Sep 1997 11:42:49 -0400
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Arjan Vos: "Re: Re[2]: Penetration Tests"
- Previous message: Bill Kennedy: "Re: Penetration tests"
- Next in thread: Frank Willoughby: "Re[2]: Penetration Tests"
Edward Cracknell wrote:
>
> Hi,
>
> I'd really like some input regarding penetration tests. Internal and
> External. If you have tools, documentation or a template for considerations
> I'd be grateful. This will be part of an overall risk/vulnerability
> audit, which I have no problems with.
>
This may be obvious to most, but ...
One of the real benefits of an independent penetration test is to get a
third party view of your defenses that is not swayed by the
opinions/experiences of your firewall designer/maintainer.
If one were to test their own design, they're very likely to run all
sorts of tests to prove that the 72 scenarios designed for are truly
impenetrable. An independent tester however may come up another 27
attacks never envisioned and will hopefully provide a broader and more
objective assessment as to your actual level of vulnerability.
This holds for both internal and external penetration tests.
Chuck
- Next message: Arjan Vos: "Re: Re[2]: Penetration Tests"
- Previous message: Bill Kennedy: "Re: Penetration tests"
- Next in thread: Frank Willoughby: "Re[2]: Penetration Tests"
This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:08:58 CDT