RE: Things better left without a tcp/ip stack

From: Fernando Cardoso (fcardoso@trusted.pt)
Date: Tue Sep 02 2003 - 05:33:22 EDT

• Next message: Chris Reining: "Re: device connection hijacking"
• Previous message: Kurt Seifried: "Re: device connection hijacking"
• In reply to: Vlad: "Things better left without a tcp/ip stack"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

[...]
>
> 1) Should I notify the company immediately and terminate the pen test
> early to safeguard them?

Usually when I find a major security breach in a pen-test I gather all the
info I can about it (for reporting purposes) and notify the company
immediately. I think this is the right thing to do in order to safeguard the
customer.

>
> 2) Could this just be a sys admins honeypot or private joke?

Maybe, but you should notify them anyway. Maybe this can be a honeypot setup
in order to find out your pen-test skillz :)

>
> 3) Has anyone ever encountered anything similar?

I've encountered some weird stuff but nothing similar...

>
> 4) Who wants to help me take the sys admin out back and apply a baseball
> bat to him if it is indeed what it appears to be?

Your contract covers that possibility? Cool :^)

Fernando

Trusted Systems - http://www.trusted.pt
Praça de Alvalade, n.º 6 - 6.º piso
1700-036 Lisboa, PORTUGAL
Tel: +351 217994200
Fax: +351 217994242

--
A presente mensagem pode conter informação considerada confidencial.
Se o receptor desta mensagem não for o destinatário indicado, fica
expressamente proibido de copiar ou endereçar a mensagem a terceiros.
Em tal situação, o receptor deverá destruir a presente mensagem e por
gentileza informar o emissor de tal facto.
Privileged or confidential information may be contained in this
message. If you are not the addressee indicated in this message, you
may not copy or deliver this message to anyone. In such case, you
should destroy this message and kindly notify the sender by reply
email.
---------------------------------------------------------------------------
FREE Trial!
New for security consultants and in-house pros: FOUNDSTONE PROFESSIONAL 
and PROFESSIONAL TL software. Fast, reliable vulnerability assessment 
technology powered by the award-winning FoundScan engine. Try it free for  21 days at: http://www.securityfocus.com/sponsor/Foundstone_pen-test_030825
----------------------------------------------------------------------------

• Next message: Chris Reining: "Re: device connection hijacking"
• Previous message: Kurt Seifried: "Re: device connection hijacking"
• In reply to: Vlad: "Things better left without a tcp/ip stack"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:38 EDT