 |
|
|
 Welcome to the Virus.Org Mailing List Archive |
||
 |
||
|
||
|
Hi Rob, A very good source are the GIAC Certification Papers, in your case specifically the papers on the GCIH and GCIA certification. Links: http://www.sans.org/ http://www.giac.org/ http://www.giac.org/GCIA.php http://www.giac.org/GCIH.php I hope this helps. Kind regards, Miguel aka Nekromancer (GSEC Analyst # 3425) Rob Havelt <[EMAIL PROTECTED]> 05/02/2004 17:51 To: [EMAIL PROTECTED] cc: Subject: Penetration Whitepapers Hi All, I was wondering if anyone could point me at a good resource, as I've been looking in several different places, and haven't been able to find quite what I needed. I'm looking for either white papers or case studies or some such detailing actual real world attacks (more like real-world computer crime, computer fraud, internal attacks, etc. and less on the damage from worms or virus, DDoS, or the like) on companies who either didn't know that they had a bad security posture, couldn't keep on top of infosec issues, or ones who knew (either as the result of a pen test, health check, or some other VA) and simply didn't take any steps toward remediation. There is a ton of theory out there, risk data, and the like, and I have all that. I also realize that usually when this happens companies and law enforcement agencies, etc. try quite hard to keep the info under wraps for the obvious reasons, but I'm thinking that there has to be a few whitepapers out there as strictly "cautionary tales". Anywhere anyone could point me for the info would be much appreciated. --------------------------------------------------------------------------- ----------------------------------------------------------------------------
|
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.