Security Basics mailing list archives

RE: Vulnerability Assessment Checklists?

From: Random Task <rand0m_t4sk () yahoo com>
Date: Thu, 4 Dec 2003 11:53:42 -0800 (PST)

I've been reviewing this recently, as I am in a similar situation to
Kim (though I am paid and work with more experienced guys.) So far it
seems fairly logical, but I'm not very far through it. I would like
to know this, though: of those pen-testers out there who follow the
OSSTMM, either strictly or loosely, has it helped your performance?
Has it helped you to catch items you would/might have otherwise
missed? Have you seen it worthwhile to become a member of ISECOM? Why
or why not?

Thanks,

random task

(Lachlan, sorry for that lone direct reply...*grumbles at reply
functionality for the list*)

--- "McGill, Lachlan" <mcgilll1 () anz com> wrote:

Try the following link for the Open Source Security Testing
Methodology manual:

http://www.isecom.org/projects/osstmm.shtml

-----Original Message-----
From: Kim Clark [mailto:kclark20001 () hotmail com]
Sent: Tuesday, 2 December 2003 9:46 AM
To: security-basics () securityfocus com
Subject: Vulnerability Assessment Checklists?

Hello,

I've finished my Security+, and am almost through my Security
Certified 
Network Professional training.

I'm looking for some basic tips and resources (checklists or
templates?) to 
do some vulnerability assessments because I just went  to  donate
my 
services at a nonprofit job fair and got plenty of responses.

Since I've never evaluated the security posture of a company before
I could 
use some resources on how to best get started. They run the gamut
from P2P 
to WANs. Of course, I want to give them some value while gaining
valuable 
experience for my resume.

Thanks in advance,

Kim Clark

_________________________________________________________________
Need a shot of Hank Williams or Patsy Cline?  The classic country
stars are 
always singing on MSN Radio Plus.  Try one month free!  
http://join.msn.com/?page=offers/premiumradio

---------------------------------------------------------------------------

----------------------------------------------------------------------------

---------------------------------------------------------------------------

----------------------------------------------------------------------------



__________________________________
Do you Yahoo!?
Free Pop-Up Blocker - Get it now
http://companion.yahoo.com/

---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

Vulnerability Assessment Checklists? Kim Clark (Dec 01)
- Re: Vulnerability Assessment Checklists? Marcos E. Rodriguez (Dec 01)
- RE: Vulnerability Assessment Checklists? dave kleiman (Dec 01)
- <Possible follow-ups>
- RE: Vulnerability Assessment Checklists? McGill, Lachlan (Dec 01)
  - RE: Vulnerability Assessment Checklists? Random Task (Dec 04)
- RE: Vulnerability Assessment Checklists? Shawn Jackson (Dec 01)
- Re: Vulnerability Assessment Checklists? H Carvey (Dec 02)
- Re: Vulnerability Assessment Checklists? Muhammad Faisal Rauf Danka (Dec 03)
  - 'risk' (was: Re: Vulnerability Assessment Checklists? Meritt James (Dec 03)