lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 15 Jan 2010 18:48:18 +0000
From: Benji <me@...ji.com>
To: Christian Sciberras <uuf6429@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: All China, All The Time

I'll put it this way.

Im an attacker in your network, trying to get access to your "most sensitive
information". Ive identified the server that stores this information and Im
looking around for keys/passwords etc etc etc.

Are you saying it wouldnt help me to know that I needed 5 keys, thus
pointing me towards what to look for?


On Fri, Jan 15, 2010 at 6:44 PM, Christian Sciberras <uuf6429@...il.com>wrote:

> No, that was actually configuration description; best of luck finding
> our facility.
>
> On Fri, Jan 15, 2010 at 7:42 PM, Benji <me@...ji.com> wrote:
> > Actually you were boasting, it was irrelevant to have what you have as a
> > security precausion. Infact, one could argue that you were making your
> setup
> > insecure by telling people how you're secured from the get go.
> >
> > On Fri, Jan 15, 2010 at 6:38 PM, Christian Sciberras <uuf6429@...il.com>
> > wrote:
> >>
> >> My question was mostly rhetoric, I tried to imply the point on why
> >> computers with sensitive information were;
> >> 1. not fully up to date (=>from the top of my had, the exploit had
> >> several issues in non-standard browser versions?)
> >> 2. running internet explorer (=>more known as a target, nothing against
> >> MSIE)
> >> 3. used to surf the web (=>why else would you be using IE [rhetoric])
> >> 4. not monitored correctly (=>our most sensitive information is stored
> >> in a server locked up 5 times, the only way to get in is either
> >> getting all the keys or through a remote exploit*)
> >>
> >> I think the above points violate a couple of rules in security auditing.
> >>
> >> * I'm not boasting about our configuration; this is very easy to
> >> achieve in a company of 5 and one server rack.
> >>
> >>
> >> On Fri, Jan 15, 2010 at 7:08 PM, Peter Besenbruch <prb@...a.net> wrote:
> >> > On Thursday 14 January 2010 21:49:05 Christian Sciberras wrote:
> >> >> "They used an IE exploit to get in."
> >> >> The people at *Google* use *IE*?!! Besides, how does an exploit in IE
> >> >> affect the server?
> >> >
> >> > It would affect a person with login rights to a server.
> >> >
> >> > This wasn't just an attack on Google, btw, it was an attack on 32
> >> > different
> >> > companies.
> >> > --
> >> > Hawaiian Astronomical Society: http://www.hawastsoc.org
> >> > HAS Deepsky Atlas: http://www.hawastsoc.org/deepsky
> >> >
> >> > _______________________________________________
> >> > Full-Disclosure - We believe in it.
> >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >> > Hosted and sponsored by Secunia - http://secunia.com/
> >> >
> >>
> >> _______________________________________________
> >> Full-Disclosure - We believe in it.
> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >> Hosted and sponsored by Secunia - http://secunia.com/
> >
> >
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ