Dailydave mailing list archives
Re: The Threshold of Hackiness
From: Paul Johnston <paul.johnston () pentest co uk>
Date: Wed, 02 Jan 2013 20:42:35 +0000
Hi,
I can agree to some extent, but I find difficult to set the threshold of cluelessness one can accept from a supposedly "good hacker".
I had a go at this recently and came up with a three tier definition: 1) Script kiddie - Uses public tools and exploits, but does not understand them, and cannot fix problems 2) Proficient hacker - Uses public tools and exploits, with full understanding; can tweak tools for unusual scenarios 3) Advanced persistent threat - Has a collection of zero day exploits, and is able to develop new exploits Now this gets interesting from a defensive point of view. You can stop 1 and 2 using standard security best practices. But the standard defences break down when faced by an attacker with zero day exploits. Paul -- Pentest - The Application Security Specialists Paul Johnston - IT Security Consultant / Tiger SST PenTest Limited - ISO 9001 (44/100/107029) / ISO 27001 (IS 558982) Office: +44 (0) 161 233 0100 Mobile: +44 (0) 7817 219 072 Email policy: http://www.pentest.co.uk/legal.shtml#emailpolicy Registered Number: 4217114 England & Wales Registered Office: 26a The Downs, Altrincham, Cheshire, WA14 2PU, UK _______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- The Threshold of Hackiness MartÃn (Jan 02)
- Re: The Threshold of Hackiness Paul Johnston (Jan 02)
- Re: The Threshold of Hackiness Ben Nagy (Jan 03)
- Re: The Threshold of Hackiness Vitaly Osipov (Jan 02)
- Re: The Threshold of Hackiness Paul Johnston (Jan 02)