Security Basics mailing list archives

PenTest Checklist


From: "J. Yoon" <supercool9000 () hotmail com>
Date: Tue, 06 Jan 2004 11:07:05 -0500

Here's a quick summary from various sources for your review... Also wanted to know what your favorite tools/methods are for testing items D through M below.

Pen-Test Quick Checklist

A - Assessment - how long it will take to run the port scan
For a Basic test 2 days for class C, 12 hops over 64k digital line,
additional hour per class C for every hop over 12,
additional time for systems protected by IDS and stateful inspection firewalls

B - Goals
recognize best practices
recognize business risks
privacy issues both internal and external

C - Technical Prep:
1) set up attack network - prep full packet sending recovery, avoid firewall/nat pitfalls.
2) access security testing resources - find exploits, find running services (HTTP, FTP, SMTP, POP3, etc), and what versions
3) set up attack server - install tools

D - Physical System testing - how easy it is to physically get access to the system.

E - Social engineering test - find out how easy it is to obtain critical information from people.

F - Web App Testing - tests website as an application for security holes, weaknesses, usability, performance, and quality.

G - VPN testing - security of remote access VPN, encryption methods, etc

H - Privilege Testing - test with various logins as a valid system user

I - Router Firewall IDS testing - test where another system is placed inside the DMZ to convey information. All firewalls should be tested together and separately from the router.

J - DoS testing - to discover if it's vulnerable to denial of service attacks where vital services may be crippled.

K - Containment Measures Testing - test for trojans, viruses or spam/adware, internal web browsing with scripts and applets.

L - Periodic Testing - regular weekly or monthly testing

M - Verification Testing - To verify that any problems have been implemented properly

N - Report Results
 1) privacy problems
 2) security problems
 3) web components
 4) overall ratings
 5) suggestions
