Dailydave mailing list archives
More offensive security metrics and you
From: dave <dave () immunityinc com>
Date: Mon, 17 Aug 2009 18:08:10 -0400
So I've spent my time on planes recently trying to figure out a metric for something a bit soft. I've noticed that there comes a point where a hacker has been in a system for X number of days, reading emails, learning about things, where it's not going to be possible to keep them out. There's a certain set of things they know that give them an infinite edge over the defence. This needs to be a hacker with some set of analysis attached to it of course.

Example things you should know after X days:

1. Active Directory structure.
   1a. Purpose of various OU's
   1b. Administrators and their roles
   1c. relationships to other active directory forests
   1d. Corporate groups
   1e. History (i.e. the "why" things are set up the way they are)
2. Password policies
   2a. New user default passwords
   2b. Passwords enforced by anything in particular?
3. internal terminology ("Yo, the EQT just exceeded our TOL - did you fill out a ETM for that?")
4. Backup programs, patching programs.
5. How tech support calls work
6. Intranet web apps users use.
7. Overall network layout and FW policies.

etc. etc.

I know there's a long list of these sorts of things, and when you have 80% of them, you can't get kicked out. Essentially, you'll have found strategic operational flaws that transcend any point-fixes the company may be able to put into place.

So that's my offensive security metric of the week. :>

And now, a brief message from our sponsor, Shari!

___________________________________________________________________

As a vendor at the upcoming Hacker Halted Conference in downtown Miami, FL, we are able to provide you with a special discounted registration rate of $999 (which is a $300 savings). If you are interested in attending this conference at the special discounted rate, please email admin () immunityinc com to get the registration code needed for the discount to be applied.

There are no strings or fine print attached in order to take part in this special offer. Below you will find more information about the conference.

Hacker Halted USA 2009, the 14th in the global series, will be hosted in Miami, Florida, from Sep 23 - 25. To be held at the Hilton Miami Downtown, Hacker Halted USA 2009 is set to be the perfect platform for information security professionals to enhance knowledge and exchange views, as well as network with other security professionals globally.

This information security conference will feature some of the best security experts including the likes of Amit Yoran, Prof. Howard Schmidt, Dave Litchfield, Ari Takenen, Ira Winkler, Dr. Herbert H. Thompson, Ron Gula, Greg Hoglund and Edward Haletky, among others. It presents a comprehensive program comprising intriguing, thought provoking and current security topics such as Threats and Countermeasures, Virtualization Security, Computer Forensics and Investigations, Application Security and Secure Coding, Malware and Botnets, etc. There will be an exhibition showcasing the latest technologies, solutions and services in IT security as well.

To make Hacker Halted USA 2009 a truly valuable conference for all attendees, EC-Council will be hosting three custom designed security workshops led by EC-Council Master Instructors. These full fledged one-day workshops on Sep 25, will cover three of the most popular security topics, namely *Identifying Threats and Deploying Countermeasures (Ethical Hacking)*; *Principles of Incident Handling*; and *Exposing Virtualization Security Threats*. All registrants for the conference will be entitled to attend one of these workshops, worth $599, at absolutely no additional cost.

Presented by EC-Council, Hacker Halted has been hosted in different cities including Myrtle Beach, Dubai, Taipei, Singapore, Kuala Lumpur, Guangzhou, Mexico City, Tokyo among others.

The objective of the global series of Hacker Halted conferences is to raise international awareness towards increased education and ethics in Information Security.

*Hackers Are Ready. Are you?*

http://www.hackerhalted.com

-dave