It's valid IMO, but also depends on the client expectations. At the outset, the parameters of what's being tested should be well outlined. Some clients prefer purely technical measures for penetration. Others are open to a complete (
i.e. SE included) test. Obviously a better choice, but I always had 2 goals in the complete test: A) Purely technical intrusion & B) Intrusion via SE. Cover your bases, open their eyes.<br><br>Show them a) the need for vigilant employee training and security awareness programs, and
<br>b) that their infrastructure has its own stand-alone holes as well....<br><br><br><br><br><div><span class="gmail_quote">On 10/31/07, <b class="gmail_sendername"><a href="mailto:Valdis.Kletnieks@vt.edu">Valdis.Kletnieks@vt.edu
</a></b> <<a href="mailto:Valdis.Kletnieks@vt.edu">Valdis.Kletnieks@vt.edu</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
On Wed, 31 Oct 2007 16:56:20 CDT, reepex said:<br>> resulting to se in a pen test cuz you cant break any of the actual machines?<br><br>Lots of *actual* compromises happen the same exact way - resorting to SE.<br>As such, if a pen test doesn't cover the same territory, it's incomplete.
<br><br>"Yes, your house is secure - we checked all the doors and they're up to snuff.<br>We however didn't check if you'll open the door *anyhow* if the landshark on<br>the other side says 'Landshark', leading to everybody getting eaten."
<br><br>_______________________________________________<br>Full-Disclosure - We believe in it.<br>Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html">http://lists.grok.org.uk/full-disclosure-charter.html
</a><br>Hosted and sponsored by Secunia - <a href="http://secunia.com/">http://secunia.com/</a><br><br></blockquote></div><br>