Penetration Testing mailing list archives
Re: Looking for help against Chinese Hacking Team
From: "Adriel T. Desautels" <ad_lists () netragard com>
Date: Mon, 15 Dec 2008 15:26:36 -0500
Comments are embedded below.

On Dec 15, 2008, at 9:34 AM, ArcSighter Elite wrote:
> Mike Hale wrote:
>> You volunteering Tom? ;)
>>
>> On 12/13/08, Tom Le <dottom () gmail com> wrote:
>>> On Fri, Dec 12, 2008 at 6:22 PM, Mike Hale <eyeronic.design () gmail com> wrote:
>>>> Your choices are cheap, fast and properly. Pick two. ;)
>>>
>>> Yes, often quoted, but not necessarily always true.
>>>
>>> You can get pro bono work from security experts who are "fast" and know what they are doing. But you would have to trust them to some degree depending on what information is needed.
>
> Well, I agree with list, $200 won't get you far.
I think/hope he was talking about $200/hr.
> If you require professional services that would seem a joke, at least to me.
>
> In the mean time, this is what I think. Yes, consider porting, we won't debate linux vs win here, but linux is securer and easier to adapt, you know.
>
> Second, what company are you working for that doesn't provide an incident response politic and team? They should do this, for any non-trivial business process.
>
> Third, review logs, do forensics, trace the attack vector and in some very few cases, the source of the attack. If you're only interested in securing the web site then the attack vector is the main target you have to identify. Don't blindly trust in automated products, they will give you false positives and negatives; those cases a human being will spot and assess accurately. Set up and configure an IDS (Snort and Encase will do fine) and configure SQL injection detection rules, for example, this is in the most cases will evade only script-kiddies, the way I known, but I will provide you with another layer of security, I don't think you have many of them.
That's a waste of time and resources. Don't waste your time tracking down the ways that an insecure application can be attacked. Implement security then find weaknesses that were missed.
> Lastly, consider going downtime, and set up a honey with the web server's IP and DNS, then analyze the honey, and determine the source.
Why would anyone do that? It's not like he can track down and beat up the hackers. He needs to prevent the attacks from working. That's bad advice man.
> That's all I can figure out in the moment.
>
> Sincerely.
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
> Security Trends Report from Cenzic
> Stay Ahead of the Hacker Curve!
> Get the latest Q2 2008 Trends Report now
> www.cenzic.com/landing/trends-report
> ------------------------------------------------------------------------
Adriel T. Desautels
ad_lists () netragard com