Dailydave mailing list archives
RE: Pentesters getting owned?
From: "Clemens, Dan" <Dan.Clemens () healthsouth com>
Date: Tue, 4 May 2004 11:22:08 -0500
At one time I worked for a fairly shady boss in the NYC area (that just got busted for major fraud). He had a big dispute with one of the partial owners of the company, from whom he had bought portions of the source code for his product. Well, to make a long story short, the two had a big pissing match and the owner, who was living in NYC, hired a team of pen testers through his law firm.

They weren't that good and forgot to change the external IP address of one of their machines when they plugged into our network. We had set up arpwatch on every network segment and would receive pages whenever someone would plug into any network segment, so we simply did an ARIN lookup of the owner of the IP address, and it ended up being a law firm that advertised having a pen testing team.

Anyhow, the pen testers tried to break into the network, yet were very unsuccessful. They were running all sorts of vulnerable services on their Linux boxes when we checked out their eleet warez. :)

I will give 400 'kewl' points to anyone on the list who can guess what 'shady NYC owner' hired these pen testers.

I guess the lesson learned is if you are going to be a pen tester and you want to get on a network and not show what pen-test firm you are working for (and the admins of the network don't know you're coming...), please change the external IP address you normally use before plugging your NIC in. (Oh yeah, patch your box before pen-testing.)

-Dan

-----Original Message-----
From: dailydave-bounces () lists immunitysec com [mailto:dailydave-bounces () lists immunitysec com] On Behalf Of Chad Schieken
Sent: Tuesday, May 04, 2004 11:07 AM
To: dailydave () lists immunitysec com
Subject: RE: [Dailydave] Pentesters getting owned?

I have watched a particularly crusty client DOS some pen-testers for spite. He had been embarrassed by them. The guy was a nut, but he kinda had them by the balls cause, what were they gonna do, complain?

-----Original Message-----
From: dailydave-bounces () lists immunitysec com [mailto:dailydave-bounces () lists immunitysec com] On Behalf Of wirepair
Sent: Monday, May 03, 2004 8:59 PM
To: dailydave () lists immunitysec com
Subject: [Dailydave] Pentesters getting owned?

Has anyone ever heard of or seen a pen-tester's laptop get owned while they're on site? I was just thinking, sometimes to exploit wacky services you need to open yourself up. Which obviously led me to the hilarious thought (albeit scary if it were me), what if I got owned?

I think if I were in a different job (IT security officer, etc.) I would most likely scan their machine when they came on site. (You don't want a vulnerable pen-tester hanging around your network breaking in and gaining access, without at least considering their security, right?) Has anyone who has these positions done such a thing?

Just some fun evening thoughts,
-wire

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave