Home page logo

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Firewall identification and penetration
From: Mike Ireton <mike () LIBRITAS COM>
Date: Fri, 1 Sep 2000 11:14:19 -0700

On Fri, 25 Aug 2000, Ben Lull wrote:

    Seeing a system from a super user's standpoint may allow you to see things
which you won't see as a normal user, but it may also cause you to over look
other things which only a normal user would notice.  To use the sudo reference
above, a super user sees a poorly configured sudoers file.  A normal user sees
the account he has, allows sudo access.  Even if you were to create a very well
configured sudeors file, the normal user will not know this, thus spinning off
into subsets of tests to determine what can and can't be done with sudo.  The
sudoers file may be secured, but because the normal user does not know this, he
may inadvertently find another security hole which was over looked.

        Oh I agree with you %100. A tester with non-privilidged access is
going to pull every trick in the book to GET privilidged access, and so
will push non-privilidged access level to the hilt, pounding on anything
in their path. But I still belive it's advantagous to have privilidged
access for the reason of checking up on systems configurations that may
require impossible-to-identify-otherwise conditions to exploit. I think it
makes a lot of sense when you consider that most sysadmins (no flames to
anyone) don't really have much of a clue when it comes to secure systems
configuration and are prone to thinking of 'making it work at all' and
leaving it that way once it's going.

Mike Ireton
Senior Systems Engineer
Libritas, Inc (Formerly Bay Office Net) - http://www.libritas.com
Voice (510) 740-7700            Where do you want to go today?
                                With Linux, I'm already there...

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]