Security Basics mailing list archives
RE: Vulnerability Assessment Checklists?
From: Random Task <rand0m_t4sk () yahoo com>
Date: Thu, 4 Dec 2003 11:53:42 -0800 (PST)
I've been reviewing this recently, as I am in a similar situation to Kim (though I am paid and work with more experienced guys.) So far it seems fairly logical, but I'm not very far through it. I would like to know this, though: of those pen-testers out there who follow the OSSTMM, either strictly or loosely, has it helped your performance? Has it helped you to catch items you would/might have otherwise missed? Have you seen it worthwhile to become a member of ISECOM? Why or why not? Thanks, random task (Lachlan, sorry for that lone direct reply...*grumbles at reply functionality for the list*) --- "McGill, Lachlan" <mcgilll1 () anz com> wrote:
Try the following link for the Open Source Security Testing Methodology manual: http://www.isecom.org/projects/osstmm.shtml -----Original Message----- From: Kim Clark [mailto:kclark20001 () hotmail com] Sent: Tuesday, 2 December 2003 9:46 AM To: security-basics () securityfocus com Subject: Vulnerability Assessment Checklists? Hello, I've finished my Security+, and am almost through my Security Certified Network Professional training. I'm looking for some basic tips and resources (checklists or templates?) to do some vulnerability assessments because I just went to donate my services at a nonprofit job fair and got plenty of responses. Since I've never evaluated the security posture of a company before I could use some resources on how to best get started. They run the gamut from P2P to WANs. Of course, I want to give them some value while gaining valuable experience for my resume. Thanks in advance, Kim Clark _________________________________________________________________ Need a shot of Hank Williams or Patsy Cline? The classic country stars are always singing on MSN Radio Plus. Try one month free! http://join.msn.com/?page=offers/premiumradio
---------------------------------------------------------------------------
----------------------------------------------------------------------------
---------------------------------------------------------------------------
----------------------------------------------------------------------------
__________________________________ Do you Yahoo!? Free Pop-Up Blocker - Get it now http://companion.yahoo.com/ --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Vulnerability Assessment Checklists? Kim Clark (Dec 01)
- Re: Vulnerability Assessment Checklists? Marcos E. Rodriguez (Dec 01)
- RE: Vulnerability Assessment Checklists? dave kleiman (Dec 01)
- <Possible follow-ups>
- RE: Vulnerability Assessment Checklists? McGill, Lachlan (Dec 01)
- RE: Vulnerability Assessment Checklists? Random Task (Dec 04)
- RE: Vulnerability Assessment Checklists? Shawn Jackson (Dec 01)
- Re: Vulnerability Assessment Checklists? H Carvey (Dec 02)
- Re: Vulnerability Assessment Checklists? Muhammad Faisal Rauf Danka (Dec 03)
- 'risk' (was: Re: Vulnerability Assessment Checklists? Meritt James (Dec 03)