Honeypots mailing list archives

Re: Requiring help for implementation testing.; Re: Re: Requiring help for implementation testing.

From: Valdis.Kletnieks () vt edu
Date: Tue, 01 Feb 2005 13:47:40 -0500

On Tue, 01 Feb 2005 17:07:24 +0100, "Guillaume.Rix" said:

Perhaps already change the default page with all authorizations for
attack it.
It's not all but it's already a first thing, no ?


The ability to change the default page isn't the same thing as having the
authority to let people attack the machine.  There's plenty of machines that I
have the permissions to change the webserver, but I *don't* have the right to
invite people to attack it.

In fact, if I were a black hat, it might be interesting to hack the default
page like that, then have a whole bunch of people attack the box to do the rest
of the work for me.  It's hard enough getting one black hat out of a system,
getting several dozen misguided white hats out is even more fun.. :)

Attachment: _bin
Description:

Current thread:

Requiring help for implementation testing. José Vicente Tomé Vecchione (Jan 31)
- Re: Requiring help for implementation testing. Valdis . Kletnieks (Feb 01)
- <Possible follow-ups>
- RE: Requiring help for implementation testing. Gregory Lemmon (Feb 01)
  - Re: Requiring help for implementation testing. Guillaume.Rix (Feb 01)
  - Message not available
    - Re: Requiring help for implementation testing.; Re: Re: Requiring help for implementation testing. Valdis . Kletnieks (Feb 01)