From: Nick (godaemon@gmail.com)
Date: Mon Dec 11 2006 - 08:25:29 EST
Instead of taking expensive courses aiming to learn about penetration
testing security ,etc is much better trying to educate yourself by
studying and practice.
Using existing exploits and tools is a path that saves time and making
your life easier but is limited to already tested situations. Try to
increase your self awareness about security and technology in order to
achieve the wanted results.
Krugger wrote:
> What I mean is that instead of trying to beat the system by technical
> means, for example with a 0day instant remote exploit. It would be
> more probable to get in through a study of how they have build
> security.
>
> Examples:
>
> - Is the root/administrator password shared among certain users? Can
> you call the sysadmin, say you are Mr. XYZ an need to install an
> application. Would he give you the password?
> - The way around, you pose as the administrator and ask for the
> password because you accidently deleted his entry from the database.
> - Basically is there process in place for users to retrieve their lost
> password? Do you have to show the id or can you just reset any
> account?
> - Any default public accounts?
> - Is there a password policy? Do they change? To you have to have 5
> letters and 3 numbers? everything that narrows down the search is good
> news.
> - How do the backup work? Does it backup everything, including
> password files?
> - Physical security.
> - Can you just walk inside?
> - Are there network cables accessible to you?
> etc, etc, etc...
>
> What I am trying to show you is that there is a reason why so many
> effective hacks are made by insiders. It is because you know how
> something works, that it is easier to hack into.
>
> Basically what you are looking for is just the smallest entry point,
> you don't have to get root straight away. That is usually well
> protected, but if you have a foot hold you have somewhere to work
> from.
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
>
> ------------------------------------------------------------------------
>
>
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:26 EDT