Penetration Testing mailing list archives
Re: Internal Servers (noob post)
From: Don Miesle <donmiesle () mac com>
Date: Thu, 04 Jun 2009 11:31:31 -0700
Terry Childs, the System Admin who hacked and then controlled the San Francisco IT infrastructure, is the most famous and recent. Talk to any internal investigations team at any major corporation (if they aren't confidential) and they will give you dozens.
Link on lessons learned from insider threats based on Terry Childs matter:
http://www.informationweek.com/news/security/attacks/showArticle.jhtml?articleID=209100789

On Jun 4, 2009, at 8:28 AM, R. DuFresne wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Wed, 3 Jun 2009, Gorgon Beast wrote:
>
> [SNIP]
>
> > Since many attacks happen from the inside anyway, you should protect those machines. If you want to get really granular (which a lot of companies are, lately), you can put your servers in an internal DMZ as well, behind a firewall, and only allow authorized workstations to connect to them. This takes a lot of work to implement if you are already set up.
>
> Insider threat is often stated, and the metrics I've seen on it do not seem to be backed up. Can you back up yours here, with something solid on the actual threat from internal users and admins?
>
> Thanks,
>
> Ron DuFresne
> - --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> admin & senior security consultant: sysinfo.com
> http://sysinfo.com
> Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629
>
> These things happened. They were glorious and they changed the world...,
> and then we fucked up the endgame. --Charlie Wilson
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.5 (GNU/Linux)
>
> iD8DBQFKJ+gQst+vzJSwZikRAnuQAJ0dXvUVxlT6yXWjBXSI1EX5zkwCzACeK7zX
> hfzCDdey2VAuiOieLZnMci0=
> =WDkc
> -----END PGP SIGNATURE-----
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------
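The "servers in an internal DMZ, only authorized workstations may connect" design that Gorgon Beast describes in the quoted reply comes down to a default-deny rule set between the workstation VLANs and the server segment. The following is an added illustration, not code from anyone in this thread: a small first-match policy evaluator with a rule-ordering sanity check, run over a handful of constructed connection attempts. The networks, ports and rules are all made up for the example.

```python
"""Internal-DMZ allowlist policy check (added example, not from the thread).

Models an internal firewall in front of a server segment: explicit allow
rules for authorized workstation VLANs, then a default deny. All addresses,
ports and rules below are constructed assumptions for illustration.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    src: str              # source network (CIDR)
    dst: str              # destination network (CIDR)
    dport: Optional[int]  # destination TCP port, None means any port


@dataclass(frozen=True)
class Attempt:
    src: str
    dst: str
    dport: int


# Constructed policy: the server DMZ 10.20.0.0/24 is reachable from the
# admin workstation VLAN (10.1.0.0/24) on SSH and RDP, from the general
# staff VLAN (10.2.0.0/16) on HTTPS only, and from nowhere else.
POLICY: List[Rule] = [
    Rule("allow", "10.1.0.0/24", "10.20.0.0/24", 22),
    Rule("allow", "10.1.0.0/24", "10.20.0.0/24", 3389),
    Rule("allow", "10.2.0.0/16", "10.20.0.0/24", 443),
    Rule("deny", "0.0.0.0/0", "10.20.0.0/24", None),  # default deny into the DMZ
]


def matches(rule: Rule, attempt: Attempt) -> bool:
    """True when the attempt's source, destination and port fall under the rule."""
    return (
        ip_address(attempt.src) in ip_network(rule.src)
        and ip_address(attempt.dst) in ip_network(rule.dst)
        and (rule.dport is None or rule.dport == attempt.dport)
    )


def evaluate(policy: List[Rule], attempt: Attempt) -> str:
    """First-match evaluation; an attempt matching no rule is implicitly denied."""
    for rule in policy:
        if matches(rule, attempt):
            return rule.action
    return "deny"


def shadowed_rules(policy: List[Rule]) -> List[int]:
    """Indices of rules that can never fire because an earlier rule fully covers them.

    The classic mistake is placing the default deny above a specific allow;
    this check surfaces that before the policy is deployed.
    """
    shadowed = []
    for j, later in enumerate(policy):
        for earlier in policy[:j]:
            covers_src = ip_network(later.src).subnet_of(ip_network(earlier.src))
            covers_dst = ip_network(later.dst).subnet_of(ip_network(earlier.dst))
            covers_port = earlier.dport is None or earlier.dport == later.dport
            if covers_src and covers_dst and covers_port:
                shadowed.append(j)
                break
    return shadowed


def audit(policy: List[Rule], attempts: List[Attempt]) -> List[Tuple[Attempt, str]]:
    """Run a batch of constructed attempts through the policy for review."""
    return [(a, evaluate(policy, a)) for a in attempts]


if __name__ == "__main__":
    # Constructed connection attempts: admin SSH, staff trying RDP,
    # staff HTTPS, and an address outside every workstation VLAN.
    sample = [
        Attempt("10.1.0.5", "10.20.0.10", 22),
        Attempt("10.2.3.4", "10.20.0.10", 3389),
        Attempt("10.2.3.4", "10.20.0.10", 443),
        Attempt("192.168.1.1", "10.20.0.10", 443),
    ]
    for attempt, verdict in audit(POLICY, sample):
        print(f"{attempt.src} -> {attempt.dst}:{attempt.dport}  {verdict}")
    print("shadowed rule indices:", shadowed_rules(POLICY))
```

The point of `shadowed_rules` is that a first-match policy is only as good as its ordering: the same four rules with the default deny moved to the top would block every workstation while still looking "complete" to a casual reader.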
Current thread:
- Internal Servers (noob post) pma111 (Jun 02)
- Re: Internal Servers (noob post) ticktock123 (Jun 03)
- Re: Internal Servers (noob post) Micheal Cottingham (Jun 04)
- Re: Internal Servers (noob post) misconceptions persist; R. DuFresne (Jun 26)
- Re: Internal Servers (noob post) Micheal Cottingham (Jun 04)
- Re: Internal Servers (noob post) Terry M (Jun 03)
- Re: Internal Servers (noob post) Muhammad Farooq-i-Azam (Jun 03)
- RE: Internal Servers (noob post) Gorgon Beast (Jun 03)
- RE: Internal Servers (noob post) R. DuFresne (Jun 04)
- Re: Internal Servers (noob post) Don Miesle (Jun 04)
- Re: Internal Servers (noob post) R. DuFresne (Jun 12)
- Re: Internal Servers (noob post) Jeffrey Walton (Jun 04)
- Re: Internal Servers (noob post) Wim Remes (Jun 04)
- Re: Internal Servers (noob post) R. DuFresne (Jun 12)
- RE: Internal Servers (noob post) R. DuFresne (Jun 04)
- Re: Internal Servers (noob post) Remo Cornali (Jun 08)
- Re: Internal Servers (noob post) ticktock123 (Jun 03)
- Re: Internal Servers (noob post) Sanjay Badala (Jun 08)
- <Possible follow-ups>
- Re: Internal Servers (noob post) avghacker (Jun 04)