lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: se_cur_ity at hotmail.com (morning_wood)
Subject: MCSE training question

>Oh contraire, the first thing we do when we go onsite to work on windows box
>is ask my client to reboot it first, particularly if it is a server, as
>occassionally they they do not come back up, and we do not want to be blamed
>just because the OS is unstable

and you claim to be a security professional?
( Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA )

the first thing would be to sit down at the suspect console and observe.
the second thing would be to... observe.
then i might consider a course of action...
possibly the box in question is instable because of a compromise,
or a worm or a 0day... what about that Curt?
never would i ( or tell anyone ) to just "reboot that box before i touch it"
now i know why fortune 500 companies get horrendous infections.

"shocked and awed"

Donnie Werner
http://exploitlabs.com 


Powered by blists - more mailing lists