Penetration Testing mailing list archives
Re: Internal Servers (noob post)
From: avghacker () gmail com
Date: Thu, 4 Jun 2009 19:01:31 +0000
"Can you back up yours here, with something solid on the actualy threat from internal users and admins?" I can. Do to politics of the company many users have more rights then they need. Everyone also runs as a local admin of their end workstation. So basically anyone with a little knowledge of hacking can send a pre-caned exploit to a user on our interal network and have local admin privledges to a box on the network + access to other network shares. Hence hardening internal servers and/or workstations is a good idea. Not to mention that worm outbreaks like conflicker get stopped in their tracks with the appropriate hardening services in place. Sent from my Verizon Wireless BlackBerry ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- RE: Internal Servers (noob post), (continued)
- RE: Internal Servers (noob post) Gorgon Beast (Jun 03)
- RE: Internal Servers (noob post) R. DuFresne (Jun 04)
- Re: Internal Servers (noob post) Don Miesle (Jun 04)
- Re: Internal Servers (noob post) R. DuFresne (Jun 12)
- Re: Internal Servers (noob post) Jeffrey Walton (Jun 04)
- Re: Internal Servers (noob post) Wim Remes (Jun 04)
- Re: Internal Servers (noob post) R. DuFresne (Jun 12)
- RE: Internal Servers (noob post) R. DuFresne (Jun 04)
- Re: Internal Servers (noob post) Remo Cornali (Jun 08)
- RE: Internal Servers (noob post) Gorgon Beast (Jun 03)
- Re: Internal Servers (noob post) Sanjay Badala (Jun 08)