An interesting feature in SunWorld this month called "Hacker's toolchest" calls into question the value of some high-priced professional security auditors who simply run a port scanner against your network, print the output of the scanner, then charge you thousands of dollars for the printout. Hardly a professional audit. For much better insight into how a real attack on your network would go down, Carole Fennelly interviews Attrition.org founder Brian Martin, a.k.a. Jericho; 2600 contributor and phreaker legend Mark Abene, a.k.a. Phiber Optik; and regular BUGTRAQ poster Rain Forest Puppy, the bane of Microsoft. The three discuss how they conduct professional audits and a few of the basic tools they use, such as binfo.c, nmap, ghba.c, and whisker.