Penetration Testing mailing list archives
Re: EXAMPLE: Why OOO is *BAD* [WAS: Re: OOO FLAME]
From: Jon Kibler <Jon.Kibler () aset com>
Date: Mon, 15 Sep 2008 06:17:30 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ray.hawkins () comcast net wrote:
Jon ~ great example and on the $$$ for what I was obliquely getting at - ignorance is not bliss and shame on anyone that advertises they are not "home" (and further shame on anyone who would profess any holistic security apparatus to be fool-proof). I was dumb enough once to turn my yard post light on middle-afternoon so it'd be on when I returned home later that evening. Lucky that time I had (and still do) three large hungry dogs to greet the intruder that watched me leave. Not many business networks have the same safety net eh? Thanks, Ray
Moral of the Story: *NEVER* tell a pen tester: "My systems are secure and you cannot possibly break into them." (Just ask Larry Ellison if you need more examples of this moral.) Corollary: Like the T-Shirt says: Social engineering works because there is no patch for human stupidity. Jon - -- Jon R. Kibler Chief Technical Officer Advanced Systems Engineering Technology, Inc. Charleston, SC USA o: 843-849-8214 c: 843-224-2494 s: 843-564-4224 http://www.linkedin.com/in/jonrkibler My PGP Fingerprint is: BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkjONjoACgkQUVxQRc85QlMk/QCgibTMhEkD8u6uioc+Hxc2Yp+h UX0An16FU0AJ0OykJOBcZCgdLnATD82M =wb6J -----END PGP SIGNATURE----- ================================================== Filtered by: TRUSTEM.COM's Email Filtering Service http://www.trustem.com/ No Spam. No Viruses. Just Good Clean Email.
------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- Re: EXAMPLE: Why OOO is *BAD* [WAS: Re: OOO FLAME] ray . hawkins (Sep 14)
- Re: EXAMPLE: Why OOO is *BAD* [WAS: Re: OOO FLAME] Jon Kibler (Sep 15)
- <Possible follow-ups>
- Re: EXAMPLE: Why OOO is *BAD* [WAS: Re: OOO FLAME] s0h0us (Sep 15)
- Re: EXAMPLE: Why OOO is *BAD* [WAS: Re: OOO FLAME] Sat Jagat Singh (Sep 18)