On January 07, Douglas J Hunley enlightened our ignorance thusly: > If I was to start some side consulting as a Network Security Analyzer, what > tools/steps/methodologies would everyone recommend? Opensource would be best, > but I'm open to anything. I've made some recommendations to my firm (who > wants to go down this path) but I thought I'd get some more info from those > "in the know". > > Basically, they want to be able to approach company XYZ, and sell them a > "Security Assesment" service. What machines are exposed to Internet, what > holes they have, what services are available to whom on the Internet. Can we > DoS you, DNS poisoning, zone xfers, known holes, etc..
I would start with nmap, then proceed to more aggressive probes such as Saint or Satan. In the process, consider password guessing programs, packet sniffers, and some of the common root kits. K -- You will receive a legacy which will place you above want. _______________________________________________ Linux-users mailing list Archives, Digests, etc at http://linux.nf/mailman/listinfo/linux-users
