Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Re: sendmail exploit
From: Matt Andreko <mandreko () ori net>
Date: Thu, 12 May 2005 13:34:54 -0500

Not to sound like a smartass, but there are such things as blind pen-tests...



Dave Korn wrote:
----Original Message----

From: migalo digalo
Message-Id: 433ee3d9050510145060008332 () mail gmail com


hi all;

this my first post in this mailing list;so please ...

i am doing same pen-tests ,to apply the bit of theorical knowledge i
have ,and  nessus show me same 'Critical' vulnerabilities:
sendmail 8.8



----Original Message----

From: migalo digalo
Message-Id: 433ee3d9050511042222a87a5b () mail gmail com


i think it's really a 8.8 (redhat6.2) and not a honeypot or thing like
that



  So can we conclude that the reason why you don't actually know if it's a
honeypot or not because it is not your system and you're actually trying to
break in to it, not "pen-test" it?


    cheers,
      DaveK
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault