From: Todd Towles (toddtowles@brookshires.com)
Date: Tue Apr 05 2005 - 14:59:29 EDT
And I ask you where is the expoit information? What is the
vulnerability? Do exploits exist? Can you test if you are vulnerability?
These is a site that list patches..not the same thing. Interesting that
you think they are the same. Apple doesn't follow Full-Disclourse, that
was my point.
I didn't mean they don't patch...
> -----Original Message-----
> From: Altheide, Cory B. (IARC) [mailto:AltheideC@nv.doe.gov]
> Sent: Tuesday, April 05, 2005 1:55 PM
> To: Todd Towles; Julian Totzek; pen-test@securityfocus.com
> Subject: RE: Apple pentesting
>
> > -----Original Message-----
> > From: Todd Towles [mailto:toddtowles@brookshires.com]
> > Sent: Tuesday, April 05, 2005 10:48 AM
> > To: Julian Totzek; pen-test@securityfocus.com
> > Subject: RE: Apple pentesting
> >
> >
> > Nessus does work against Macs, the problem with testing
> Macs is they
> > never released vulnerability statements..never. If a hole is found,
> > Apple releases a patch and no ones says anything. If Microsoft did
> > this..everyone would go crazy.
>
> I'm gonna go out on a limb and say you don't know what you're
> talking about.
>
> Protip: Google for 'apple security' and this is the first hit.
>
> http://docs.info.apple.com/article.html?artnum=61798
>
>
> Cory Altheide
> Senior Network Forensics Specialist
> NNSA Information Assurance Response Center (IARC)
> altheidec@nv.doe.gov "I have taken all knowledge to be my
> province." -- Francis Bacon
>
>
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:19 EDT