Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Penetration Whitepapers
From: "SecurIT Informatique Inc." <securit () iquebec com>
Date: Fri, 06 Feb 2004 13:41:31 -0500

Hello. I wrote such an article almost 3 years back (so the exploits used may be quite old, but the principles remains the same) entitled "Autopsy of a successful intrusion (well, two actually)", available online at http://www.geocities.com/floydian_99/autopsy.html (.txt also available) or http://iquebec.ifrance.com/securit/whitepapers/autopsy.html. There is also a spanish translation available on the geocities site.

This paper is a recollection of the events related to 2 penetration testing contracts that I performed for my employer of the time. Victim's (customer's) names have been sanitized, there's some humor in the text, some interesting technical info related to the intrusion itself (although the whole session is not portrayed, only vital steps), along with an analysis of these intrusions, why they were successful (both from the technical and human side), and some surprises I leave the reader to discover.

I've received many good comments about this paper since I wrote it, and if I remember correctly, I specifically wrote it because I remembered that someone asked the exact same question as you a few years back.

I hope you like it and that it suits your needs.

BTW, I do not know the end of the stories, since I was caught in a big change of personnel following a company merger, and didn't work for this employer long enough to see the impact of the reports I produced for these events.

Adam Richard, aka Floydman
SecurIT Informatique Inc.

At 12:51 PM 05/02/2004, Rob Havelt wrote:

Hi All,

I was wondering if anyone could point me at a good resource, as I've been looking in several different places, and haven't been able to find quite what I needed.

I'm looking for either white papers or case studies or some such detailing actual real world attacks (more like real-world computer crime, computer fraud, internal attacks, etc. and less on the damage from worms or virus, DDoS, or the like) on companies who either didn't know that they had a bad security posture, couldn't keep on top of infosec issues, or ones who knew (either as the result of a pen test, health check, or some other VA) and simply didn't take any steps toward remediation.

There is a ton of theory out there, risk data, and the like, and I have all that. I also realize that usually when this happens companies and law enforcement agencies, etc. try quite hard to keep the info under wraps for the obvious reasons, but I'm thinking that there has to be a few whitepapers out there as strictly "cautionary tales".

Anywhere anyone could point me for the info would be much appreciated.


--
oOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOo
My Life is a dark grey corridor....
Oh, I've been there, usually there's a midget making googly
eyes at me... I call him Mr. Pickelini         -The Critic
---------------------------------------------------------------
rob () cobal org     {pager: rphone () cobal org)     rob.havelt
     PGP Key: http://www.cobal.org/pyrob/pgp-key.html


---------------------------------------------------------------------------
----------------------------------------------------------------------------

_____________________________________________________________________
Un mot doux à envoyer? Une sortie ciné à organiser? Faites le en temps
réel avec MSN Messenger! C'est gratuit!   http://ifrance.com/_reloc/m


---------------------------------------------------------------------------
----------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault