got try www.sans.org. They often list the most common security holes in companies and weaknesses in desktops, poliocies, and a whole bunch of stuff. I took a security class with company (online courses that is) and this is a top notch site with excellent classes if you are serious. there prices are not terribly bad. Lots of good articles on various types of weaknesses.
roger -----Original Message----- From: Douglas J Hunley [mailto:[EMAIL PROTECTED]] Sent: Monday, January 07, 2002 5:51 PM To: [EMAIL PROTECTED] Subject: question for security gurus If I was to start some side consulting as a Network Security Analyzer, what tools/steps/methodologies would everyone recommend? Opensource would be best, but I'm open to anything. I've made some recommendations to my firm (who wants to go down this path) but I thought I'd get some more info from those "in the know". Basically, they want to be able to approach company XYZ, and sell them a "Security Assesment" service. What machines are exposed to Internet, what holes they have, what services are available to whom on the Internet. Can we DoS you, DNS poisoning, zone xfers, known holes, etc.. thanks in advance! -- Douglas J Hunley (doug at hunley.homeip.net) - Linux User #174778 Admin: Linux StepByStep - http://linux.nf printk("MASQUERADE: No route: Rusty's brain broke!\n"); 2.4.3 linux/net/ipv4/netfilter/ipt_MASQUERADE.c _______________________________________________ Linux-users mailing list Archives, Digests, etc at http://linux.nf/mailman/listinfo/linux-users _______________________________________________ Linux-users mailing list Archives, Digests, etc at http://linux.nf/mailman/listinfo/linux-users
