dcsimg
Linux Today: Linux News On Internet Time.




More on LinuxToday


SunWorld: Hacker's toolchest; Techniques and tools for penetration testing

May 13, 2000, 12:15 (0 Talkback[s])
(Other stories by Carole Fennelly)

WEBINAR:
On-Demand

Desktop-as-a-Service Designed for Any Cloud ? Nutanix Frame


"There are hackers capable of penetrating almost any system. The good ones get paid for it. The bad ones pay for it. What is a hacker's approach to penetration testing? What tools do they use? In this column, Carole Fennelly asks noted security specialists Brian Martin, Mark Abene, and Rain Forest Puppy for their perspective."

"I recently heard of yet another penetration test in which the vendor charged $150,000 for two days of testing. It seemed pretty expensive to me, but I assumed that the testers must have brought in some major security gurus who ran uber-elite secret exploits against the systems. In fact, they ran ISS Scanner."

"Don't get me wrong; ISS Scanner is a useful tool that tests for all known vulnerabilities. (I'm not picking on ISS; there are other tools like this as well.) It's just that for $150,000, I want Robert Redford testing my system. (Ok, who hasn't seen Sneakers? Go rent it!) ... What is a hacker's approach to penetration testing? What tools do hackers use? I decided to find out."

Complete Story