Re: Live Penetration Testing.

To: debian-security@lists.debian.org
Subject: Re: Live Penetration Testing.
From: matteo filippetto <matteo.filippetto@gmail.com>
Date: Wed, 21 Oct 2009 12:13:11 +0200
Message-id: <[🔎] aba0e18b0910210313k527b001dwd2eb804747906f79@mail.gmail.com>
In-reply-to: <[🔎] fa7b26050910210048l2dbb54e2i29423bf8265a2db4@mail.gmail.com>
References: <[🔎] fa7b26050910210048l2dbb54e2i29423bf8265a2db4@mail.gmail.com>

2009/10/21 Mike Mestnik <cheako@visi.com>:
> Are there any applications or projects to provide this *badly needed
> service? I'm willing to assist in using or putting together an nmap
> type applications that scans for known vulnerabilities and attempts to
> make use of them for security awareness and _,*"prof"*,_ of concept
> means.
>
> Rant:
> * Too often are PCI compliance testings coming up with false positives
> based on server provided version data.  No matter how many times it's
> spelled out that "These are to be used by authorized/allowed
> applications(to discover usable features or avoid version conflicts)
> and not by malicious applications.", there is always some one who is
> happy for me to change(With the approval of BOFH) the reported version
> to 0.0.0.
>
>
> --
> To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
>


You should try Backtrack
http://www.remote-exploit.org/backtrack.html

Bye

-- 
Matteo Filippetto

Reply to:

References:
- Live Penetration Testing.
  - From: Mike Mestnik <cheako@visi.com>

Prev by Date: Re: Live Penetration Testing.
Next by Date: is 2.6.26-19lenny1 legit?
Previous by thread: Re: Live Penetration Testing.
Next by thread: is 2.6.26-19lenny1 legit?
Index(es):
- Date
- Thread