Penetration Testing mailing list archives
Re: Looking for help against Chinese Hacking Team
From: ArcSighter Elite <arcsighter () gmail com>
Date: Tue, 16 Dec 2008 08:32:11 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 RaptorX wrote:
what Adriel meant was PROPERLY DESIGNED Parameterized Stored Procedures, and I totally agree with him. Providing a short time solution is a good idea but you have to finish the job properly which in the case of a pen-tester would be report and provide with a viable (permanent) solution. I also agree partially with Sam, specially windows systems, after hacked it is a MUCH BETTER idea to rebuild it improving the security of course.
Well, PROPERLY DESIGNED of course if almost impossible, but you think this is the case? I repeat myself: he's wishing to stop the attacks, and of course I think/hope he'll take the appropriate measures then. IMHO he wouldn't be able to fix anything if he is constantly under attack. And sure, linux is the best solution, even a win port of apache will do better than IIS, again IMHO. Again, SQL injection could result in a host compromise, so re-deploying would be the optimal form: ex. instead of finding rookits, install clean. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJR63bH+KgkfcIQ8cRAtEfAKD1RSDlHRt8KKt50BxRVDIWMpcDDACg/MY2 rO6vnTNeQWAilBnNjp79c+8= =wVY+ -----END PGP SIGNATURE----- ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Current thread:
- Re: Looking for help against Chinese Hacking Team, (continued)
- Re: Looking for help against Chinese Hacking Team Daniel Clemens (Dec 16)
- Re: Looking for help against Chinese Hacking Team Adriel T. Desautels (Dec 16)
- Re: Looking for help against Chinese Hacking Team Sam Stelfox (Dec 15)
- RE: Looking for help against Chinese Hacking Team George M. Garner Jr. (Dec 16)
- Re: Looking for help against Chinese Hacking Team Adriel T. Desautels (Dec 18)
- Re: Looking for help against Chinese Hacking Team Adriel T. Desautels (Dec 15)
- Re: Looking for help against Chinese Hacking Team ArcSighter Elite (Dec 15)
- Re: Looking for help against Chinese Hacking Team Adriel T. Desautels (Dec 15)
- Re: Looking for help against Chinese Hacking Team ArcSighter Elite (Dec 15)
- Re: Looking for help against Chinese Hacking Team Adriel T. Desautels (Dec 15)
- Message not available
- Re: Looking for help against Chinese Hacking Team ArcSighter Elite (Dec 16)
- Re: Looking for help against Chinese Hacking Team Adriel T. Desautels (Dec 16)
- Re: Looking for help against Chinese Hacking Team ArcSighter Elite (Dec 16)
- Re: Looking for help against Chinese Hacking Team Adriel T. Desautels (Dec 16)
- Re: Looking for help against Chinese Hacking Team Mike (Dec 18)
- Re: Looking for help against Chinese Hacking Team David Howe (Dec 18)
- Re: Looking for help against Chinese Hacking Team p4ssion (Dec 18)
- Re: Looking for help against Chinese Hacking Team ArcSighter Elite (Dec 15)