Penetration Test Assistance

Harry Hoffman hhoffman at
Tue Jun 5 13:37:37 CDT 2012

There are lots of reasons why a pentester would want a network diagram.

The foremost being a point to which they can say, these are the networks 
that I was given as a point of reference to pentest.

This is often a CYA policy for when people start complaining about the 
scanning that is going to occur and potentially break their systems.


On 06/05/2012 02:34 PM, Darden, Patrick S. wrote:
> I'm with Barry--a network diagram showing everything from the pov of the pen team should be part of the end report.
> --p
> -----Original Message-----
> From: Barry Greene [mailto:bgreene at]
> Hi Tim,
> A _good_ pen test team would not need a network diagram. Their first round of penetration test would have them build their own network diagram from their analysis of your network.
> Barry

More information about the NANOG mailing list