Re[2]: Generating awareness amongst IT staff

From: Roman Shirokov (insecure@yandex.ru)
Date: Sun Dec 03 2006 - 09:04:40 EST


Hello, Jerome.

You wrote

> btw Metasploit could just be used to create a file on a target (a common
> technique to show that a system is ownable without disturb it)...

> My 3 cents...
> /JA
> This message was checked by NOD32 antivirus system.
> http://www.eset.com

Anyway the stack will be corrupted and unhandled execution may crash a
system. I think using exploits on the opertional servers which have to
function 24x7 is too dangerous. First of all agreement should be
signed.

-- 
Best regards,
 Roman 
 securitybox@softhome.net
 http://securitybox.org.ru
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:24 EDT