Penetration Testing mailing list archives
Re: EXAMPLE: Why OOO is *BAD* [WAS: Re: OOO FLAME]
From: David Howe <DaveHowe.Pentest () googlemail com>
Date: Tue, 16 Sep 2008 09:44:41 +0100
Alexandru Bradescu-Popa wrote:
> Interesting security procedures they have. Help-desk with access on
> /etc/shadow. No written request for highly sensitive files. They'll pass with
> flying colors any security audit.
Helpdesk often has access to /etc/shadow - admittedly, this should be
via privileged executables (passwd and adduser/rmuser etc with the suid
bit set) but I imagine the number of sites where they couldn't be
bothered to set up a second set of (set privileged) binaries for the
helpdesk, per machine, and just gave them root, is quite high - but
resetting user passwords is a common helpdesk function.
I suspect that most don't know what /etc/shadow is, or why it should be
kept secure - after all "passwords are in /etc/passwd, aren't they?"
I would also suspect that a request for /etc/passwd would have met with
more resistance, purely because of that :)
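The thread's point is that helpdesk staff end up with direct read access to /etc/shadow far more often than anyone intends. The following audit script is an added example, not from the thread or its authors; it assumes a Linux host with GNU coreutils `stat`, and checks that a shadow-style file is owned by the expected user and grants nothing to "other".

```shell
#!/bin/sh
# Added example (not from the thread): audit the protections on a shadow-style
# file. On Linux /etc/shadow is normally mode 0640 root:shadow or 0600 root:root;
# if the "other" permission bits are set, every local account can read the hashes.

# Return 0 if FILE grants no permissions to "other" (last octal digit is 0).
shadow_perms_ok() {
    mode=$(stat -c '%a' "$1") || return 2
    case "$mode" in
        *0) return 0 ;;   # e.g. 640, 600: others get nothing
        *)  return 1 ;;   # e.g. 644: world-readable
    esac
}

# Return 0 if FILE is owned by user OWNER (assumes GNU stat's %U format).
shadow_owner_ok() {
    [ "$(stat -c '%U' "$1")" = "$2" ]
}

# Report on one file; exit status 0 only if both checks pass.
audit_shadow() {
    f=${1:-/etc/shadow}; owner=${2:-root}; rc=0
    if shadow_perms_ok "$f"; then
        echo "ok:   $f is not readable by others"
    else
        echo "FAIL: $f is readable by others (mode $(stat -c '%a' "$f" 2>/dev/null))"; rc=1
    fi
    if shadow_owner_ok "$f" "$owner"; then
        echo "ok:   $f is owned by $owner"
    else
        echo "FAIL: $f is not owned by $owner"; rc=1
    fi
    return $rc
}

# Stand-alone use: set AUDIT_SHADOW_MAIN=1 to audit the real /etc/shadow.
if [ "${AUDIT_SHADOW_MAIN:-0}" = 1 ]; then
    audit_shadow /etc/shadow root
fi
```

Run it as `AUDIT_SHADOW_MAIN=1 sh audit_shadow.sh` on each host; a non-zero exit is the signal to look at who actually reads the file and through which binaries.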