Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

pen-test logo Penetration Testing mailing list archives

Re: EXAMPLE: Why OOO is *BAD* [WAS: Re: OOO FLAME]
From: Trygve Aasheim <trygve () pogostick net>
Date: Mon, 15 Sep 2008 10:14:21 +0200
Goes into my collection of terrible scenarios...a company that doesn't follow any guidelines on good security at all. 

Helpdesk employee with access to shadow files on servers?
Wake up...
Helpdesk employee that forwards sensitive information to @hotmail accounts on request from people that actually say they don't work there? 
Hard to belive.

That company has bigger issues than OOO.

Sorry, but it sounds like a fib....
If it is true, then holy...

Cheers,
T



Michael Boman wrote:

On Sun, Sep 14, 2008 at 10:19 PM, Jon Kibler <Jon.Kibler () aset com> wrote:

Okay, since I started this, you're on!

Real world example...


That one goes into my collection of good scenarios. Thanks for sharing.

Best regards
Michael Boman



------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes in Securing Web Applications 
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]