From: Morning Wood (se_cur_ity@hotmail.com)
Date: Fri Apr 13 2007 - 15:03:46 EDT
here is where an ARP / MITM attack, combined with DNS
redirection to a browser exploit comes in handy. He does
use your companies network doesnt he? With this technique
you can also spy on his traffic, user / pass combos etc.
As far as getting a trojan on... less than 10 seconds are required
if hosted on a website, simply open browser, type url, select "open"
close browser, walk away.
As an employer, you control your network, and may spy at will.
Consider also going to his residence and scan for wireless...
seems odd your jumping through alot of hoops here...
M. Wood
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:44 EDT