Penetration Testing
auditing web/mail proxies Dec 05 2011 09:21AM
cribbar (crib bar hotmail co uk) (3 replies)
Re: auditing web/mail proxies Dec 13 2011 05:06PM
White Hat (whitehat237 gmail com)
Re: auditing web/mail proxies Dec 11 2011 12:54AM
Brian Quick (brian e quick1 gmail com) (1 replies)
Re: auditing web/mail proxies Dec 12 2011 07:38AM
A. Ramos (aramosf gmail com)
Hello All,

Maybe this can help you: (in spanish, but easy to understand)
http://www.securitybydefault.com/2011/12/analisis-de-seguridad-de-un-pro
xy-web.html

Google translate:
http://translate.google.com/translate?sl=es&tl=en&js=n&prev=_t&hl=en&ie=
UTF-8&layout=2&eotf=1&u=http%3A%2F%2Fwww.securitybydefault.com%2F2011%2F
12%2Fanalisis-de-seguridad-de-un-proxy-web.html

Regards,

On Sun, Dec 11, 2011 at 01:54, Brian Quick <brian.e.quick1 (at) gmail (dot) com [email concealed]> wrote:
> Here is a great checklist to begin with a general list.
> http://mdsec.net/wahh/tasks.html
>
> BEQ
>
> On Mon, Dec 5, 2011 at 3:21 AM, cribbar <crib.bar (at) hotmail.co (dot) uk [email concealed]> wrote:
>>
>> Hey all,
>>
>> Has anyone ever audited a proxy during a pen test/IT audit or as an audit on
>> itself? If so do you have a scope of what kind of checks you reviewed, or a
>> checklist? The proxy software in question is web sense which addresses both
>> email filtering and web filtering. Or any tools that can automate the
>> process most welcome. Look forward to your responses ? I couldn?t find to
>> many resources on proxy auditing.
>>
>> Kind Regards
>> Cb
>> --
>> View this message in context: http://old.nabble.com/auditing-web-mail-proxies-tp32916010p32916010.html

>> Sent from the Penetration Testing mailing list archive at Nabble.com.
>>
>>
>> ------------------------------------------------------------------------

>> This list is sponsored by: Information Assurance Certification Review Board
>>
>> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>>
>> http://www.iacertification.org
>> ------------------------------------------------------------------------

>>
>
> ------------------------------------------------------------------------

> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

>

--
Alejandro Ramos
http://twitter.com/aramosf

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

[ reply ]
Re: auditing web/mail proxies Dec 06 2011 07:36AM
Anders Thulin (anders thulin sentor se) (2 replies)
Re: auditing web/mail proxies Dec 06 2011 07:42PM
Justin Rogosky (jrogosky gmail com)
Re: auditing web/mail proxies Dec 06 2011 09:54AM
Dion Stempfley (dtsonline verizon net)


 

Privacy Statement
Copyright 2010, SecurityFocus