Open Source and information security mailing list archives
 
Message-ID: <000b01c41ce7$86b21f60$582ea8c0@LUFKIN.DPSOL.COM>
From: purdy at tecman.com (Curt Purdy)
Subject: Training & Certifications

id3nt@...h.com wrote:
> Curt, you didn't define the case scenario for the first thing you do
> on a windows box.
>
> One would hate to reboot a box and lose any valuable evidence
> of an intruder
> or otherwise incriminating material.
<snip>

Of course id3nt, my bad, and it apparently caused a good deal of
misunderstanding.  I was referring to our troubleshooting Windows problems,
not security forensics.  When we are called to a site to work on a problem
with a Windows server related to networking/performance/system problems, not
security issues, the first thing we do is ask the sysadmin to reboot the
device.

We have learned this over the years, you basically can't make any change in
Windows without rebooting, and the look on the client's face when it comes
back with a bluescreen, not caused by anything you have done, is not a
pretty sight. And when you then spend the rest of the night rebuilding the
system and not getting paid for it because the client "knows" the bluescreen
was caused by us, is not fun.

We have never once had this happen on a *NIX or Netware box.

Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA
Information Security Engineer
DP Solutions

----------------------------------------

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- White House cybersecurity adviser Richard Clarke

