Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

RE: How to Determine My System Vulnerabilities
From: "Mike" <mjcarter () ihug co nz>
Date: Wed, 11 Jan 2006 22:48:22 +1300

There is of course the other (remote?) possibility that Eugene's company has
experienced a serious compromise and various mail accounts are now sending
out erroneous emails.

Mike
www.infosec.co.nz

-----Original Message-----
From: Mike [mailto:mjcarter () ihug co nz] 
Sent: Wednesday, January 11, 2006 10:38 PM
To: 'full-disclosure () lists grok org uk'
Subject: RE: [Full-disclosure] How to Determine My System Vulnerabilities

You may have nailed it Nick, we used unlocked PCs to shock users into
compliance at my previous company. (One) of the techniques was to send
emails on behalf of the offender.

Looks of surprise and denial from the perceived senders "but I didn't send
that!"
"Lock your PC next time!! And while you're here please re-read this security
policy!"

We only sent to internal addresses though :)

Mike
www.infosec.co.nz

-----Original Message-----
From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Nick
FitzGerald
Sent: Wednesday, January 11, 2006 4:56 PM
To: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] How to Determine My System Vulnerabilities

Eugene.Smith () mpls frb org wrote:

I have three servers running Linux Red Hat OS.  I would lke to find a 
source for information regarding "How Too" when it comes to determining 
what level of kernel, SSH, PHP, ect my servers are running.  I do know how

to check some of these things but am looking for someone who is very 
knowledgeble and is willing to answer questions about this OS.

Do I detect a case of "I went to get coffee without locking my 
terminal"??

(Quickly followed by a case of "HR wants to have a talk with <insert 
one of Eugene Smith's co-workers' names here>"...)


Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault