mailing list archives
Re: [PEN-TEST] Looking for slides
From: "Haugsness, Kyle" <Kyle.Haugsness () QWEST COM>
Date: Tue, 31 Oct 2000 12:33:46 -0700
This may be what you are looking for. The folks at the San Diego
Supercomputer Center (SDSC) did an experiment earlier this year. It's a
good read. Here's the link and summary...
On December 23, 1999, the folks at SDSC setup a RedHat 5.2 vanilla,
unsecured system (Pentium) on one of their networks. The host was _not_
advertised to the world. The first portscans were observed less than 8
hours later. January 14-18 attackers tried over 20 exploits to vulnerable
services - these attacks failed (probably because they were for RedHat 6.0+
systems). Someone got root in mid-February and installed a rootkit and
sniffer. Someone else got root on February 18 and defaced the web site,
then reported to Attrition.
From: Ed Lamaster [mailto:ipnetsecure () fastpointcom com]
Sent: Tuesday, October 31, 2000 9:15 AM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Looking for slides
About 6 months ago I stumbled on a Powerpoint presentation that had some
interesting information about how long it took a stock RedHat box (think it
was 5.2, but I might be wrong) to be discovered and completely compromised
on a university network. My recollection was that the total time elapsed
was around 3 or 4 months.
I've been looking "everywhere" for these slides, but haven't been able to
find them. I believe they would be very useful for convincing the clueless
about just how vulnerable they are.
Anyone know the slides I'm referring to and where I can find them?
Thanks in advance...
Ed Lamaster ipnetsecure () fastpointcom com
ipnetsecure () fastpointcom com