Mark, As far as testing we use a completely unpatched box (depending on what platform we want to test is what OS is loaded). I also use a program called metasploit (metasploit.com) and Knoppix-STD (knoppix-std.org). Knoppix is an ISO of a linux distro with all kinds of security tools loaded. If you have VMWare 5.0 available it works nicely because you can just mount the ISO in VM and lauch it that way. Or you can just burn the ISO and boot your PC from the CD. Ryan Hoffmann Greatland Corporation
>>> "Weiss, Mark (M.A.)" <[EMAIL PROTECTED]> 10/18/2005 2:37:34 PM >>> All, I'm looking for some feedback regarding any testing of ISS products (notably Server Sensor, Network System, Internet Scanner & Proventia Desktop) that is done by companies once they receive them prior to implementation into their production environments. We are mainly looking for test matrices, types of functionality tested, tools used and anything else that could help us create a test enviornment that would allow us to fully test these products before we release them into production. Thanks in advance, Mark Weiss Ford Motor Company _______________________________________________ ISSForum mailing list [email protected] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo/issforum To contact the ISSForum Moderator, send email to [EMAIL PROTECTED] The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.
