RE: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services

From: DUBRAWSKY, IDO (CALLISMA) (id3878@sbc.com)
Date: Thu Jun 09 2005 - 11:47:28 EDT

• Next message: Christian Martorella: "Re: SQL injection"
• Previous message: ilaiy: "Re: SQL injection"
• Maybe in reply to: Hugo Vinicius Garcia Razera: "pen-test on a windows 2003 server box whit MS-SQL and Terminal Services"
• Next in thread: Tomasz Piotr Palarz: "Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

As a quick follow-up to my earlier post, the MITM attack assumes that
you are either on the local LAN with the device or have access to a
system that is on the local LAN of the SQL server. Sorry...should
have
made that clearer.

Ido
- --
Ido Dubrawsky, CISSP
Senior Security Consultant
SBC/Callisma
(571) 633-9500 (Office)
(202) 213-9029 (Mobile)

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2

iQA/AwUBQqhkkGmsDscGuNcHEQKBTgCfXs2+1X8iL91NF9SjBfJ6dWrflvYAoIsn
ZENMnrEWNW95ry0PqRp3a1Ch
=3yWH
-----END PGP SIGNATURE-----

• Next message: Christian Martorella: "Re: SQL injection"
• Previous message: ilaiy: "Re: SQL injection"
• Maybe in reply to: Hugo Vinicius Garcia Razera: "pen-test on a windows 2003 server box whit MS-SQL and Terminal Services"
• Next in thread: Tomasz Piotr Palarz: "Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:23 EDT