Penetration Testing mailing list archives

Re: Looking for help against Chinese Hacking Team
From: ArcSighter Elite <arcsighter () gmail com>
Date: Mon, 15 Dec 2008 09:34:35 -0500

Mike Hale wrote:
You volunteering Tom?  ;)

On 12/13/08, Tom Le <dottom () gmail com> wrote:
On Fri, Dec 12, 2008 at 6:22 PM, Mike Hale <eyeronic.design () gmail com>
Your choices are cheap, fast and properly.

Pick two.
Yes, often quoted, but not necessarily always true.

You can get pro bono work from security experts who are "fast" and know what
they are doing.  But you would have to trust them to some degree depending
on what information is needed.

Well, I agree with the list, $200 won't get you far.
If you require professional services that would seem a joke, at least to
In the meantime, this is what I think.

Yes, consider porting; we won't debate Linux vs win here, but Linux is
securer and easier to adapt, you know.
Second, what company are you working for that doesn't provide an
incident response policy and team? They should do this for any
non-trivial business process.
Third, review logs, do forensics, trace the attack vector and, in some
very few cases, the source of the attack. If you're only interested in
securing the web site, then the attack vector is the main target you have
to identify. Don't blindly trust automated products; they will give
you false positives and negatives, and those cases a human being will spot
and assess accurately. Set up and configure an IDS (Snort and EnCase will
do fine) and configure SQL injection detection rules, for example; this
in most cases will evade only script-kiddies, the way I know,
but I will provide you with another layer of security; I don't think you
have many of them.
Lastly, consider going downtime, and set up a honey with the web
server's IP and DNS, then analyze the honey, and determine the source.

That's all I can figure out at the moment.
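
The log review and SQL injection detection rules recommended in the message above, sketched as an added example that is not part of the original post: a literal signature is compared with one applied after input normalization, showing both the false negatives and the false positive that still needs a human. The log lines, URLs, parameter names and both rules are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus, urlsplit

# Constructed sample access-log lines (not taken from the thread).
SAMPLE_LOG = """\
203.0.113.5 - - [12/Dec/2008:10:01:02 -0500] "GET /news.asp?id=12 HTTP/1.1" 200 5120
203.0.113.9 - - [12/Dec/2008:10:01:07 -0500] "GET /news.asp?id=12%20UNION%20SELECT%20name,pass%20FROM%20users HTTP/1.1" 200 812
203.0.113.9 - - [12/Dec/2008:10:01:09 -0500] "GET /news.asp?id=12%2f%2a%2a%2fuNiOn%2f%2a%2a%2fsElEcT%2f%2a%2a%2f1,2 HTTP/1.1" 500 301
198.51.100.4 - - [12/Dec/2008:10:02:11 -0500] "GET /search.asp?q=student+union+select+committee HTTP/1.1" 200 2048
203.0.113.9 - - [12/Dec/2008:10:02:30 -0500] "GET /news.asp?id=12%2527%2520OR%25201%253D1-- HTTP/1.1" 500 301
"""

REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
SQLI = re.compile(r"\bunion\s+(?:all\s+)?select\b|'\s*or\s+\d+\s*=\s*\d+")

def query_of(line):
    """Extract the raw query string from one access-log line."""
    m = REQUEST.search(line)
    return urlsplit(m.group(1)).query if m else ""

def naive_hit(line):
    """Single decode plus literal signatures, like a basic out-of-the-box rule."""
    q = unquote_plus(query_of(line)).lower()
    return "union select" in q or "' or 1=1" in q

def normalize(q, max_rounds=3):
    """Undo nested URL-encoding, drop /*...*/ comments, fold case and whitespace."""
    for _ in range(max_rounds):
        decoded = unquote_plus(q)
        if decoded == q:
            break
        q = decoded
    q = re.sub(r"/\*.*?\*/", " ", q, flags=re.S)
    return re.sub(r"\s+", " ", q).lower()

def normalized_hit(line):
    """Apply the signature only after the input has been normalized."""
    return bool(SQLI.search(normalize(query_of(line))))

def scan(log, rule):
    """Return the 1-based numbers of the log lines the rule flags."""
    return [n for n, line in enumerate(log.splitlines(), 1) if rule(line)]

if __name__ == "__main__":
    print("naive rule flags     :", scan(SAMPLE_LOG, naive_hit))
    print("normalized rule flags:", scan(SAMPLE_LOG, normalized_hit))
```

Both rules flag line 4, an ordinary search for "student union select committee", which is the kind of false positive a person has to review and dismiss.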



