Penetration Testing mailing list archives
Re: LAN pen test
From: Nick <godaemon () gmail com>
Date: Mon, 11 Dec 2006 15:25:29 +0200
Instead of taking expensive courses aiming to learn about penetration testing, security, etc., it is much better to try to educate yourself by studying and practicing. Using existing exploits and tools is a path that saves time and makes your life easier, but it is limited to already tested situations. Try to increase your self-awareness about security and technology in order to achieve the wanted results.

Krugger wrote:
What I mean is that instead of trying to beat the system by technical means, for example with a 0day instant remote exploit, it would be more probable to get in through a study of how they have built security. Examples:

- Is the root/administrator password shared among certain users? Can you call the sysadmin, say you are Mr. XYZ and need to install an application. Would he give you the password?
- The other way around, you pose as the administrator and ask for the password because you accidentally deleted his entry from the database.
- Basically, is there a process in place for users to retrieve their lost password? Do you have to show the ID or can you just reset any account?
- Any default public accounts?
- Is there a password policy? Do they change? Do you have to have 5 letters and 3 numbers? Everything that narrows down the search is good news.
- How does the backup work? Does it back up everything, including password files?
- Physical security.
  - Can you just walk inside?
  - Are there network cables accessible to you?

etc, etc, etc...

What I am trying to show you is that there is a reason why so many effective hacks are made by insiders. It is because you know how something works that it is easier to hack into. Basically, what you are looking for is just the smallest entry point; you don't have to get root straight away. That is usually well protected, but if you have a foothold you have somewhere to work from.

------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------