Re: Gain root access on linux servers with physical access

From: Michael Weber (mweber@alliednational.com)
Date: Mon Dec 18 2006 - 08:15:57 EST

• Next message: David M. Zendzian: "Re: PCI Compliance (Vulnerability Scans)"
• Previous message: Sels, Roger: "Re: Pen-testing - pricing model"
• In reply to: Patrick: "Re: Gain root access on linux servers with physical access"
• Next in thread: Jason Muskat, GCFA, GCUX, de VE3TSJ: "Re: Gain root access on linux servers with physical access"
• Reply: Jason Muskat, GCFA, GCUX, de VE3TSJ: "Re: Gain root access on linux servers with physical access"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Just my $0.02.

Would YOU trust any code a blackmailer wrote? Personally, I would call
the police and let them deal with extortion charges, then I would
low-level format every box that these people have touched, cut my losses
and try it again.

If they are blackmailing now, what's to say they also didn't install a
trojan, back door or logic bomb to get more money later?

-Michael

>>> On 12/17/2006 at 6:17 PM, Patrick <flymooney@gmail.com> wrote:

> The dedicated hosting providers I have dealt with will pull a
machine
> for you if that is what you need. You usually have to call ahead and

> there is a small charge for it as well. I would think it would be a
big
> hassle but they are happy to do it (the two times I have had to).
They
> even had a test bench they let me use for moving drives around and
> testing the configuration. But as with everything, YMMV.
>
> Patrick
>
>
>
>
------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
>
http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000

> 0008bOW
>
------------------------------------------------------------------------

E-MAIL CONFIDENTIALITY NOTICE: This communication and any associated
file(s) may contain privileged, confidential or proprietary
information or be protected from disclosure under law ("Confidential
Information"). Any use or disclosure of this Confidential Information,
or taking any action in reliance thereon, by any individual/entity
other than the intended recipient(s) is strictly prohibited. This
Confidential Information is intended solely for the use of the
individual(s) addressed. If you are not an intended recipient, you
have received this Confidential Information in error and have an
obligation to promptly inform the sender and permanently destroy,
in its entirety, this Confidential Information (and all copies
thereof). E-mail is handled in the strictest of confidence by
Allied National, however, unless sent encrypted, it is not a secure
communication method and may have been intercepted, edited or
altered during transmission and therefore is not guaranteed.

• Next message: David M. Zendzian: "Re: PCI Compliance (Vulnerability Scans)"
• Previous message: Sels, Roger: "Re: Pen-testing - pricing model"
• In reply to: Patrick: "Re: Gain root access on linux servers with physical access"
• Next in thread: Jason Muskat, GCFA, GCUX, de VE3TSJ: "Re: Gain root access on linux servers with physical access"
• Reply: Jason Muskat, GCFA, GCUX, de VE3TSJ: "Re: Gain root access on linux servers with physical access"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:28 EDT