You need to use a hardware write blocker and industry recognized software like EnCase.

Very cool video. I like it!

I've got a client where an internal scan said one of their core routers has a RIP-2 Poisoning issue.

This is the exact Nessus description:
Tenable Network Security

I understand that an...

Thanks everyone.

I guess one thing you can do is just basic non-intrusive enumeration, right?
Things like looking for login pages, seeing if there are any version tags on the webpages themselves...

I'm curious how everyone else handles 3rd party hosted servers when you're doing a pen-test or vulnerability assessment.
Say you're doing a test against a company, and their email, and website are...

Very nice. You put it a lot better than I did. I simply gave the issue with time, but I didn't add that the loss in time could be spent in other areas. I think that's what I need for them to get it....

This is a tight script! Very cool. Thanks.



.

Cool script. Thanks!

The only things I would maybe add would be nessus and openvas.
If I do it, I'll post up the change.

I actually do vulnerability assessments.
In the past we've always asked the company to supply us with their external IPs, but the guy running the project has been learning about different...

How can you find a companies IP range if all you have is their domain name, and their website and email are hosted(AKA, no DNS records)?

I know if you have 1 IP, you can do a ARPNIC whois search,...

NeXpose is just a vulnerability scanner right? If Nessus is showing issues, but metasploit doesn't have the exploits to attack the issues, then I don't think this would resolve the OPs problem. The...