Penetration Testing mailing list archives

Re: Pen-Test and Social Engineering

From: Volker Tanger <vtlists () wyae de>
Date: Wed, 8 Feb 2006 22:46:12 +0100

Greetings!

On Wed, 08 Feb 2006 08:55:52 -0600
Leif Ericksen <leife () dls net> wrote:

SHORT AND SWEET:
IMHO, a good pen-test will have a contract that dictates 
1) Name of the company being tested and people that will be testing.
2) Any forbidden access methods.
3) Any forbidden tactics DOS/or even a shutdown of the server 
   (Real hackers will not care if they shutdown or DOS a server.)
4) Time of the attacks. (start/end date start/end time) 
   (Real hackers will not care about time.)
5) Maybe all telephone numbers owned by the company for a war-dial
list.
   But this might not be shared with the whole team.  If a modem is 
   found a weakness is noted, and the actual intrusion team would have
   to find modems with SE or other methods.
6) If the team is going to be on premise can they enter restricted
areas or are they only allowed to test the door to see if it is open.


Most important: contacts (esp. phone numbers!) of all people involved!

7a) contact details of pen testers where the client can contact them during
    the test in case something goes wrong.  I once wardialed a client who
    was not aware that his telephone system relayed each and every non-valid
    number and/or service to the front desk. 50.000 numbers dialed where
    only 20% were connected. 4 wardialers each running at 30second
    intervals. Effectively DoSed the client telephone-wise...

7b) contact (and authority) details of the client. Especially when doing
    physical assessment. Police usually won't take a "Dunno" as valid
    legitimation for trespassing...

7c) Who is allowed to know and who not (e.g. for a pentest with simultaneous
    readiness/performance test of the IDS/FW/network staff).


Bye

Volker


-- 

Volker Tanger    http://www.wyae.de/volker.tanger/
--------------------------------------------------
vtlists () wyae de                    PGP Fingerprint
378A 7DA7 4F20 C2F3 5BCC  8340 7424 6122 BB83 B8CB

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

RE: Pen-Test and Social Engineering, (continued)
- - - RE: Pen-Test and Social Engineering Lyal Collins (Feb 07)
- Re: Pen-Test and Social Engineering jalvare7 (Feb 06)
- Re: Pen-Test and Social Engineering Bob Radvanovsky (Feb 06)
  - Re: Pen-Test and Social Engineering Pete Herzog (Feb 06)
  - RE: Pen-Test and Social Engineering Erin Carroll (Feb 06)
    - Re: Pen-Test and Social Engineering Fixer (Feb 06)
    - Re: Pen-Test and Social Engineering Pete Herzog (Feb 07)
    - RE: Pen-Test and Social Engineering Terry Vernon (Feb 07)
    - RE: Pen-Test and Social Engineering Leif Ericksen (Feb 08)
    - Re: Pen-Test and Social Engineering Pete Herzog (Feb 08)
    - Re: Pen-Test and Social Engineering Volker Tanger (Feb 08)
    - Re: Pen-Test and Social Engineering Leif Ericksen (Feb 09)
- RE: Pen-Test and Social Engineering Andrew Lacey (Feb 06)
- Re: Pen-Test and Social Engineering Bob Radvanovsky (Feb 06)
  - Re: Pen-Test and Social Engineering Neil (Feb 07)
- RE: Pen-Test and Social Engineering Bob Radvanovsky (Feb 07)