Owning scanning tools is lame. Owning IDS systems would be very cool.
Of course all ISS updates are signed last I checked.
Phil
> -----Original Message-----
> From: David Maynor [mailto:dave_at_0dayspray.com]
> Sent: Saturday, December 06, 2003 6:16 PM
> To: Brass, Phil (ISS Atlanta)
> Cc: dailydave_at_lists.immunitysec.com
> Subject: RE: [Dailydave] Dreaming of Summer
>
>
> IF you are using something like apt-secure this would not
> happen. The chance of owning tons of boxes thru apt-get is
> slim to none. If i had to pick a target it would be something
> like ISS update or SPI Dynamics, nothing better than owning
> security tools. As far as windows go, I am suprised noone has
> owned this yet. The amount of damage a person could cause by
> this is mind blowing. But since we are going this route, why
> not own linksys? You troajn every router download to be a DOS
> zombie...next to nobody would even realize that firmaware
> upfgrade is not knock nasdaq.com offline. I think its just
> bad to offer upgrades/updates over the web that are not signed.
>
> --
> David Maynor
> http://www.0dayspray.com/~dave
>
_______________________________________________
Dailydave mailing list
Dailydave_at_lists.immunitysec.com
http://www.immunitysec.com/mailman/listinfo/dailydave
Received on Dec 07 2003
Intro
