> -----Original Message----- > From: Alvin Oga [mailto:[EMAIL PROTECTED] > Sent: Sunday, 20 July 2003 5:59 p.m. > To: Paul Vet > Cc: MARTIN M. B�noni; [EMAIL PROTECTED] > Subject: RE: Know such a web's server tool? -- huh > > okay.... i'll bite ... why does everybody/somebody think that "pen-test" > means to run a port scan w/ nmap/nessus .. etc ..
Exactly this is the reason why penetration testing isn't only running of nmap/nessus/iss/whatever, but more important - interpretation of results and additional steps taken. Everyone can run tools, but only people who understand things can interpret their results and find additional possible or existing security problems. Regards, Bojan Zdrnja --------------------------------------------------------------------------- ----------------------------------------------------------------------------
