Dailydave mailing list archives
Pentesters giving away Client information
From: "Nexus" <nexus () patrol i-way co uk>
Date: Tue, 4 May 2004 19:58:26 +0100
Hi folks, Taking a slant on the "pentesters getting owned" thread, how about the information that people sometimes give away, especially on public mailing lists ? One Example : The Security Focus lists used to be excellent for this before their list software started mangling the headers as you would get webmail based posts along the lines of the common "doing a pen test for a client.." and a quick check of the header gives you the originating IP, quick whois and you know who the client is as they sent it from the client network.... </bless> OK, I have a fetish for email headers as you can probably tell by mine (;-) but does anyone else examine posts on a regular basis ? Any other war stories^H^H^H^H^H^H^H^H^Hfave examples ? Cheers. _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Pentesters giving away Client information Nexus (May 04)
- Re: Pentesters giving away Client information wirepair (May 04)
- Re: Pentesters giving away Client information Daniele Muscetta (May 04)
- RE: Pentesters giving away Client information Steve W. Manzuik (May 04)