Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Info collection

From: "Michael Shirk" <shirkdog () cryptomail org>
Date: Fri Aug 06 08:00:15 EDT 2004
There are alot of other tools. You seem to be speaking of Windows and *nix.
For Windows, I would add tcpview from sysinternals which is a GUI realtime traffic monitor for ports and processes.
Also, just use PHLAK or AUDITOR bootable linux distros, designed for security and forensics to work with Windows and 
*nix.
Sleuthkit also with Autopsy is available on PHLAK, or just search google and try it out.
-----Original Message-----
From: JeffG () kizan com [mailto:JeffG () kizan com]
Sent: Wednesday, August 04, 2004 11:02 AM
To: pen-test () securityfocus com
Subject: Info collection
Importance: Low
I am attempting to refine my methods of evaluating servers and am
wondering what information you all gather during an assessment on
various platforms.  These would be run on the target machines with
privileged accounts (root or administrator).  They should be scriptable
& statically compiled or at least not have any unusual dependencies.
Examples:
Fport
Portqryv2
LADS
Dumpwin
Lsof
Netstat -an / -ln
Tiger
Hfnetchk
Msinfo32
Winmsd


!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+
CryptoMail provides free end-to-end message encryption.  
http://www.cryptomail.org/   Ensure your right to privacy.
Traditional email messages are not secure.  They are sent as
clear-text and thus are readable by anyone with the motivation
to acquire a copy.
!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+
Previous By Date Next
Previous By Thread Next

Current thread: