Re: The long tail of vulnerable operating systems

[Adriel Desautels <adriel () netragard com>]

Kaite,
        The company with all of the old systems wouldn't be CFI by chance would it?

Regards,
        Adriel T. Desautels
        Chief Technology Officer
        Netragard, LLC.
        Office : 617-934-0269
        Mobile : 617-633-3821
        http://www.linkedin.com/pub/1/118/a45

---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com  -  "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security


Katie M wrote:
> Hey Dave,
>   Lots of places have older OSes deployed, perhaps only internally as
> you mentioned, but companies are rife with them, and sometimes closer to
> the perimeter than you'd expect.  On a consulting enagagement, I met a
> Fortune 50 company that had a massive internal deployment of Windows 98
> (yeah, I know, weird but here's why) because they had some biz critical
> crapplication that nearly everyone needed to use that would only run on
> Win98.  I told them to hire some developers or interns or somebody,
> anybody, to rewrite the thing from scratch.  :-) 
>  
>   Of course they and all those other places that run old OSes *should*
> welcome themselves into this millenium's operating systems -- we all
> agree there.  No need to start arguing the obvious.  But the point is
> that more than enough orgs (won't or) don't have the resources to
> upgrade (or to update) due to app compatibility.  That's the reality and
> the reason why attacking older OSes at a CTF-like event is still
> pertinent and practical.
>  
> My 0.01 pence.
>  
> -Katie
>
>  
> On Nov 12, 2007 3:03 AM, Dave aitel <dave () immunityinc com
> <mailto:dave () immunityinc com>> wrote:
>
> So every CTF I've played recently (like the one at CSI last week) has a
> target set of Windows 2000 and extremely old Linux (say, RedHat 8). I'm
> pretty sure that on any modern network you don't find a whole lot of
> either of these. There's always the people who still run NT4 and SCO
> OpenServer, but you have to look pretty far for them. But yet, no real
> remote exploits exist for Fedora Core 1, much less 7. Solaris has XFS
> and a few other remotes, but no one runs Solaris any more except the US
> Government, that I can tell. Even assuming you see some Solaris or AIX
> or whatever, you end up being so deep in the network already to find it
> that you've already got all the passwords and don't need exploits.
>
> But old operating systems will continue to live forever in CTF, I
> assume.
>
> Sort of as a sign of the times, while I was playing CTF on the Windows
> machine provided, I browsed the web briefly and my machine was
> immediately taken over by some really annoying spyware. So for the rest
> of the game I got to spend a lot of time clicking "close" on IE windows
> that kept popping up.
>
> Anyways, if you want to chat about it or grieve the pain of lost 0day,
> and you live in London then you should come to Immunity Pub Night In
> London Saturday Nov 24 at 6pm at the Price Arthur 80-82 Eversholt
> Street. I'll put 200 quid on the bar to help you drown your sorrows.
> RSVP to admin () immunityinc com <mailto:admin () immunityinc com>!
>
> -dave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com <mailto:Dailydave () lists immunitysec com>
http://lists.immunitysec.com/mailman/listinfo/dailydave
<http://lists.immunitysec.com/mailman/listinfo/dailydave>

> ------------------------------------------------------------------------

> _______________________________________________
> Dailydave mailing list
> Dailydave () lists immunitysec com
> http://lists.immunitysec.com/mailman/listinfo/dailydave

Attachment: adriel.vcf
Description:

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave