Re: [PEN-TEST] Looking for slides

["Haugsness, Kyle" <Kyle.Haugsness () QWEST COM>]

This may be what you are looking for.  The folks at the San Diego
Supercomputer Center (SDSC) did an experiment earlier this year.  It's a
good read.  Here's the link and summary...

http://security.sdsc.edu/incidents/worm.2000.01.18.shtml

On December 23, 1999, the folks at SDSC setup a RedHat 5.2 vanilla,
unsecured system (Pentium) on one of their networks.  The host was _not_
advertised to the world.  The first portscans were observed less than 8
hours later.  January 14-18 attackers tried over 20 exploits to vulnerable
services - these attacks failed (probably because they were for RedHat 6.0+
systems).  Someone got root in mid-February and installed a rootkit and
sniffer.  Someone else got root on February 18 and defaced the web site,
then reported to Attrition.

Regards,
Kyle


-----Original Message-----
From: Ed Lamaster [mailto:ipnetsecure () fastpointcom com]
Sent: Tuesday, October 31, 2000 9:15 AM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Looking for slides


About 6 months ago I stumbled on a Powerpoint presentation that had some
interesting information about how long it took a stock RedHat box (think it
was 5.2, but I might be wrong) to be discovered and completely compromised
on a university network.  My recollection was that the total time elapsed
was around 3 or 4 months.

I've been looking "everywhere" for these slides, but haven't been able to
find them.  I believe they would be very useful for convincing the clueless
about just how vulnerable they are.

Anyone know the slides I'm referring to and where I can find them?

Thanks in advance...

Ed Lamaster   ipnetsecure () fastpointcom com

----------===========----------
Ed Lamaster
ipnetsecure () fastpointcom com