|
Penetration Testing
mailing list archives
RE: Spyware assessment techniques - hub?
From: "Richard Zaluski" <rzaluski () ivolution ca>
Date: Mon, 13 Feb 2006 09:02:42 -0500
The scary part of the lack of knowledge is that a lot of the people who work
in the computer sections (At the Box stores for example) are students in
Computer Sc or have their MCSE / Certifications.
Richard Zaluski
CISO, Security and Infrastructure Services
iVOLUTION Technologies Incorporated
905.309.1911 Ext 600
866.601.4678 Ext 600
www.ivolution.ca
rzaluski () ivolution ca
-----Original Message-----
From: offset [mailto:offset () svcroot net]
Sent: Sunday, February 12, 2006 8:59 PM
To: pen-test () securityfocus com
Subject: Re: Spyware assessment techniques - hub?
I agree about real hub hassles, and most stores have no clue
about what you are talking about. I've even seen one brand that
said hub on the box, but was really a switch.
I've had good luck with NetGear hubs. They are very inexpensive on eBay.
Something like the 4port 100mb hubs (netgear en104)
or the 8port 10/100mb Netgear hubs (netgear en108)
On Sun, Feb 12, 2006 at 01:37:54PM +0100, Petr.Kazil () eap nl wrote:
If you are doing a host:
- interrupt the hosts uplink with a hub and plug your snort box in.
You could have this all setup on a laptop.
I have tried this but run into problems:
- Real hubs are (almost?) impossible to get nowadays. Even the cheapest
"hub" is really a switch. If you know where I can find a hub-like network
component, then I'll order it right away.
- I was able to buy the last real hub from a PC-shop, but it was only
10Mbps and it refused to work with my 100Mb cards and switches.
A few nice sniffer componentens are described in the book:
"Extrusion Detection: Security Monitoring for Internal Intrusions"
but these are not cheap.
----------------------------------------------------------------------------
--
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers
do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
- Re: Spyware assessment techniques, (continued)
Re: Spyware assessment techniques - hub? Petr . Kazil (Feb 12)
RE: Spyware assessment techniques Paul Melson (Feb 13)
RE: Spyware assessment techniques Butler, Theodore (Feb 10)
|
Intro
