Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Apple pentesting

From: "Todd Towles" <toddtowles () brookshires com>
Date: Tue, 5 Apr 2005 13:59:29 -0500
And I ask you where is the expoit information? What is the
vulnerability? Do exploits exist? Can you test if you are vulnerability?
These is a site that list patches..not the same thing.  Interesting that
you think they are the same. Apple doesn't follow Full-Disclourse, that
was my point. 

I didn't mean they don't patch...


-----Original Message-----
From: Altheide, Cory B. (IARC) [mailto:AltheideC () nv doe gov] 
Sent: Tuesday, April 05, 2005 1:55 PM
To: Todd Towles; Julian Totzek; pen-test () securityfocus com
Subject: RE: Apple pentesting


-----Original Message-----
From: Todd Towles [mailto:toddtowles () brookshires com]
Sent: Tuesday, April 05, 2005 10:48 AM
To: Julian Totzek; pen-test () securityfocus com
Subject: RE: Apple pentesting


Nessus does work against Macs, the problem with testing 

Macs is they 

never released vulnerability statements..never. If a hole is found, 
Apple releases a patch and no ones says anything. If Microsoft did 
this..everyone would go crazy.


I'm gonna go out on a limb and say you don't know what you're 
talking about.

Protip:  Google for 'apple security' and this is the first hit.

http://docs.info.apple.com/article.html?artnum=61798


Cory Altheide
Senior Network Forensics Specialist
NNSA Information Assurance Response Center (IARC) 
altheidec () nv doe gov "I have taken all knowledge to be my 
province." -- Francis Bacon
Previous By Date Next
Previous By Thread Next

Current thread: