Penetration Testing mailing list archives

Re: Boot floppy

From: Sat Jagat Singh <flyingdervish () yahoo com>
Date: Wed, 11 Apr 2007 10:49:54 -0700 (PDT)

This should be dealt with through policies and
procedures concerning how systems are managed.  At the
very least, I would address it with the user's direct
supervisor or dept. head.  If IT has no basis in
organizational policy for control over such systems
and the user's own manager won't reign them in, you
have no legal leg on which to stand.  If
organizational policy says that you have the right to
control the config of the machine then, again, you
need to take up your concerns about this user's
behavior with the responsible authority.
--- Mifa <mifa () stangercorp com> wrote:

We have a user who takes a company  computer home
with them (no its not a lap top).  We have a good
reason to need to look at their files.  However, we
want to do so without that employ knowing.  They
seem to know something about security becasue auto
runs is disabled and the workstation is always
locked with a third party software.  INserting a U3
drive will not run a program either.  Are there any
programs that will boot from a floppy then copy a
program to the c drive then wite an auto start entry
into the registry?  This was the only way I can
think of to get the user to install a program..

Any other ideas how we maight gain access?  It has
to be fast (bathroom breaks ect).  I dont have time
to load a live cd. Further, robooting would cause
the user to loose work.

------------------------------------------------------------------------

This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download
Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW

------------------------------------------------------------------------




       
____________________________________________________________________________________
Now that's room service!  Choose from over 150,000 hotels
in 45,000 destinations on Yahoo! Travel to find your fit.
http://farechase.yahoo.com/promo-generic-14795097

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

Current thread:

答复: [SPAM] - Re: Boot floppy - Sending mail server found on relays.ordb.org, (continued)
- - - 答复: [SPAM] - Re: Boot floppy - Sending mail server found on relays.ordb.org Cony.Zhou (Apr 11)
  - Re: Boot floppy Chris Zevlas (Apr 11)
    - Re: Boot floppy Curt Purdy (Apr 13)
- Re: Boot floppy berg (Apr 10)
- Re: Boot floppy Zed Qyves (Apr 11)
  - RE: Boot floppy Scott Ramsdell (Apr 11)
  - Re: Boot floppy Tim (Apr 11)
- Re: Boot floppy Anders Thulin (Apr 11)
  - RE: Boot floppy Marvin Simkin (Apr 11)
  - RE: Boot floppy Pretorius, Wynand (ZA - Johannesburg) (Apr 11)
- Re: Boot floppy Sat Jagat Singh (Apr 11)
  - Re: Boot floppy Danyelle Gragsone (Apr 11)
- Re: Boot floppy Jamie Riden (Apr 11)
- Re: Boot floppy Juergen Fiedler (Apr 11)
- RE: Boot floppy Wiedemann, Adrian (Apr 11)
- RE: Boot floppy Mifa (Apr 13)
  - Re: Boot floppy Michael Munt (Apr 13)
  - RE: Boot floppy Sat Jagat Singh (Apr 13)
- Re: Boot floppy Shreyas Zare (Apr 13)
  - Re: Boot floppy Morning Wood (Apr 13)
  - Re: Boot floppy Packet Man (Apr 15)

(Thread continues...)