Penetration Testing mailing list archives

Re: Gain root access on linux servers with physical access

From: "Michael Weber" <mweber () alliednational com>
Date: Mon, 18 Dec 2006 07:15:57 -0600

Just my $0.02.

Would YOU trust any code a blackmailer wrote?  Personally, I would call
the police and let them deal with extortion charges, then I would
low-level format every box that these people have touched, cut my losses
and try it again.

If they are blackmailing now, what's to say they also didn't install a
trojan, back door or logic bomb to get more money later?  

-Michael

On 12/17/2006 at 6:17 PM, Patrick <flymooney () gmail com> wrote:

   The dedicated hosting providers I have dealt with will pull a

machine

for you if that is what you need. You usually have to call ahead and

there is a small charge for it as well. I would think it would be a

big

hassle but they are happy to do it (the two times I have had to).

They

even had a test bench they let me use for moving drives around and 
testing the configuration. But as with everything, YMMV.

Patrick

------------------------------------------------------------------------

This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000

0008bOW

------------------------------------------------------------------------


E-MAIL CONFIDENTIALITY NOTICE: This communication and any associated 
file(s) may contain privileged, confidential or proprietary 
information or be protected from disclosure under law ("Confidential 
Information").  Any use or disclosure of this Confidential Information,
or taking any action in reliance thereon, by any individual/entity 
other than the intended recipient(s) is strictly prohibited.  This 
Confidential Information is intended solely for the use of the 
individual(s) addressed. If you are not an intended recipient, you 
have received this Confidential Information in error and have an 
obligation to promptly inform the sender and permanently destroy, 
in its entirety, this Confidential Information (and all copies 
thereof).  E-mail is handled in the strictest of confidence by 
Allied National, however, unless sent encrypted, it is not a secure 
communication method and may have been intercepted, edited or 
altered during transmission and therefore is not guaranteed.

Current thread:

Gain root access on linux servers with physical access spammailme (Dec 16)
- Re: Gain root access on linux servers with physical access Jordan Wiens (Dec 16)
- Re: Gain root access on linux servers with physical access Patrick (Dec 16)
  - Re: Gain root access on linux servers with physical access Gadi Evron (Dec 16)
    - Re: Gain root access on linux servers with physical access Patrick (Dec 17)
    - Re: Gain root access on linux servers with physical access Michael Weber (Dec 19)
    - Re: Gain root access on linux servers with physical access Jason Muskat, GCFA, GCUX, de VE3TSJ (Dec 20)
- Re: Gain root access on linux servers with physical access Santiago Rocandio (Dec 19)
- <Possible follow-ups>
- Re: Gain root access on linux servers with physical access Thor (Hammer of God) (Dec 16)
  - Re: Gain root access on linux servers with physical access R. DuFresne (Dec 19)
- Re: Gain root access on linux servers with physical access Thor (Hammer of God) (Dec 17)
- Re: Gain root access on linux servers with physical access Aman Raheja (Dec 17)