From: Michael Scheidell (scheidell@secnap.net)
Date: Sat Dec 02 2006 - 11:48:28 EST
> I think that the usage of tools like Metasploit might be
> dangerous for the business continuity. It's very important to
> let the staff know which are the side effects of this kind of
> tests and so it's necessary to find a test server. Try to
> imagine if you use a tool like Ettercap and the side effect
> is that employees can't access AS/400 systems because of the
> network traffic... i think this wouldn't make the staff so
> happy to hire you services.
Real story:
Public traded biotech firm hired us to fix their VPN.
While there, one of the 'final four' accounting firms was in trying to
pretend they were doing IT security audits.
A quick SAFE-MODE nessus scan on the clients solais boxes, and they
needed to start a 72 hour database restore.
(Solaris 5, unpatched telnet, core dumped, core was dumped to default
slice, default slice not big enough to hold core...)
Also, other servers, nfs shares started to fail, cascaded.
Another story: nmap scan, old 3 com switches, three networks taken off
line.
On and on and on..
Best is to convince upper management it is in their be$t intere$t to
begin a comprehensive it security review, audit, security policies,
security training.
Even security training for IT personal:
www.secnap.com/training (click on '202 it staff')
If upper management doesn't DRIVE it security, it won't happen
(look at ISO 17799 focus, its all management driven)
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:24 EDT