Penetration Testing mailing list archives
Re: [PEN-TEST] Looking for slides
From: "Haugsness, Kyle" <Kyle.Haugsness () QWEST COM>
Date: Tue, 31 Oct 2000 12:33:46 -0700
This may be what you are looking for. The folks at the San Diego Supercomputer Center (SDSC) did an experiment earlier this year. It's a good read. Here's the link and summary... http://security.sdsc.edu/incidents/worm.2000.01.18.shtml On December 23, 1999, the folks at SDSC setup a RedHat 5.2 vanilla, unsecured system (Pentium) on one of their networks. The host was _not_ advertised to the world. The first portscans were observed less than 8 hours later. January 14-18 attackers tried over 20 exploits to vulnerable services - these attacks failed (probably because they were for RedHat 6.0+ systems). Someone got root in mid-February and installed a rootkit and sniffer. Someone else got root on February 18 and defaced the web site, then reported to Attrition. Regards, Kyle -----Original Message----- From: Ed Lamaster [mailto:ipnetsecure () fastpointcom com] Sent: Tuesday, October 31, 2000 9:15 AM To: PEN-TEST () SECURITYFOCUS COM Subject: Looking for slides About 6 months ago I stumbled on a Powerpoint presentation that had some interesting information about how long it took a stock RedHat box (think it was 5.2, but I might be wrong) to be discovered and completely compromised on a university network. My recollection was that the total time elapsed was around 3 or 4 months. I've been looking "everywhere" for these slides, but haven't been able to find them. I believe they would be very useful for convincing the clueless about just how vulnerable they are. Anyone know the slides I'm referring to and where I can find them? Thanks in advance... Ed Lamaster ipnetsecure () fastpointcom com ----------===========---------- Ed Lamaster ipnetsecure () fastpointcom com
Current thread:
- [PEN-TEST] Looking for slides Ed Lamaster (Nov 01)
- Re: [PEN-TEST] Looking for slides van der Kooij, Hugo (Nov 01)
- Re: [PEN-TEST] Looking for slides Bennett Todd (Nov 01)
- Re: [PEN-TEST] Looking for slides William D. Colburn (aka Schlake) (Nov 01)
- Re: [PEN-TEST] Looking for slides Gary Flynn (Nov 01)
- <Possible follow-ups>
- Re: [PEN-TEST] Looking for slides Haugsness, Kyle (Nov 01)
- Re: [PEN-TEST] Looking for slides Ed Lamaster (Nov 01)