mailing list archives
Re: [PEN-TEST] Deeper Penetration
From: "J. Oquendo" <intrusion () ENGINEER COM>
Date: Thu, 16 Nov 2000 09:16:26 -0500
It's hard for something like Tivoli, or a reporting or monitoring tool that is installed on the domain and running
agents, not to be installed as a privileged
Thats what groups are for and hopefully people don't forget that. Its also a good thing to run little neat toys like
sudo aliong with expect scripts an networks which needs access levels at a higher norm than typical "mom-and-pop"
sudo + ipsec + expect over tunneling is probably the best way to have something like Tivoli or any other montoring
service set up in my opinion. Sure its a bit of a b#tch to set up but thats the fun part.
For someone breaking into something, those services that are running as accounts other than LocalSystem or local
accounts, can be a great thing to find!
For someone configuring these services I would hope they would be more clueful when assessing security. Then again if
this were so many security gurus would be poor :O
sil () disgraced org
sil () antioffline com
FREE Personalized Email at Mail.com
Sign up at http://www.mail.com/?sr=signup