Friday, May 06, 2005

Ports and IP addresses

These are two things that come to my mind when I think about Security testing/Hacking.
I tend to believe that all security and hacking revolves around getting info about these two things Right?

Honeypots - what are they .....

These days I reading like crazy on security related topics. I am also collecting lots of Hacking tools. Hacking? Still long way to go. I often dream about becoming a white hat hacker.

I like hacking as this is close to testing - it about something you explore in an unknown territory. Hackers (whitehat) have same amount of passion, enthu and curiosity as a seasoned software tester. Tester go for bugs and while hackers seek vulnerabilities. So lots of similarities.

Well While I was reading on security I came across this site - that talks about honeypot.

What is a honeypot - to simply put it "it is a specially and intentionally produced piece of software vulnerability that is open for attack for hackers".
In the article, the author identifies two types of honeypots - one production and other research. This classification is purely based on what you can do with Honeypot.

Typical usages are to monitor the possible attacks, or reaserch purpose.
In another interesting case, honeypots are used by organizations that outsource the security assessment or penetration testing. The agency or company or individual's skill doing such testing/assessment is indicated by "the speed with which they discover that honeypot. Failure to find out honeypot may even terminate their assignment in some cases.

Dont forget to check out this site for detailed discussion on honeypots

I am on to reading another topic of security testing - Keep coming back I shall post more often on security testing on this site...

Shrini

Monday, May 02, 2005

Another quotable quote ...

Here is another quotable quote ....

Testers make informed decisions possible because they think
critically about software. That's big-time fun, and a serious privilege.