Security Basics (basics) Mailing List

Re: exploiting Microsoft IIS5 NTLM and Basic authentication bypass

3 Jul 2009 21:04:07 -0000

Posted by abc_at_xyz.com on Jul 3

('binary' encoding is not supported, stored as-is) Check this out:

http://www.securityfocus.com/archive/1/469238

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of...

exploiting Microsoft IIS5 NTLM and Basic authentication bypass

Thu, 2 Jul 2009 21:31:15 -0700 (PDT)

Posted by Juan B on Jul 2

Hi All,

I am doing a web site pentest for a client, acunetix scanner informs that the site is vulnerable to Microsoft IIS5 NTLM and Basic authentication bypass, any Idea how to exploit it?

from where to begin ?

THanks a lot !

Juan

...

Multi thread

Thu, 2 Jul 2009 16:42:04 -0100

Posted by Antão Miguel Chantre on Jul 2

Hi
I Would like to know if is possible to see the all thread in a Linix System

Thanks
AMChantre

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who...

[SuSe Linux] SecCheck tool by Marc Heuse

Thu, 2 Jul 2009 03:25:44 -0700 (PDT)

Posted by Andre Rodrigues on Jul 2

Hi, I need to understand some issues reported by the seccheck tool that runs on linux boxes. I´ve searched docs and howto´s on the internet but found anything. Here are some examples: _______________ Changes in your daily security configuration: * Changes (+: new entries, -: removed...

Re: SSH Trojans

Tue, 30 Jun 2009 14:34:55 -0700

Posted by Jim Mellander on Jun 30

Daniel Hood wrote:
> List,
>
> Im looking into SSH Trojans, just a general understanding of them so I
> can hopefully someday tell the difference between an SSH Trojan and
> the rear end of my heel and not have to make stupid "AM I HAX0RED?!?"
> forum posts. But...

RE: Blocking traffic by Country to reduce spam

Wed, 1 Jul 2009 14:01:21 +0200

Posted by Andreas Heinzelmann on Jul 1

Hi,

IP Blocking based on country allocation is the worst you can do. Picture
this: your customer is on a business tripp in India and it is not
possible
to access resources due to his then Indian IP.

I made the same experiences with my Bank Account in the US. At present I
am located in...

Re: Port question

Mon, 29 Jun 2009 20:21:57 +0200

Posted by Ansgar Wiechers on Jun 29

On 2009-06-25 Marco Shaw wrote:
>> And don't bother with "Shields Up". If you want to do a portscan, use
>> something like nmap.
>
> Since this is a basics list...
>
> Now, let's qualify that a bit... Not everyone is technically savvy
> enough to...

Re: Blocking traffic by Country to reduce spam

Mon, 29 Jun 2009 12:32:43 -0400

Posted by J. Oquendo on Jun 29

chmod1777_at_mydotcom.com wrote:
> I looked and wasn't able to find the thread in this list, but I do have the site that I mentioned (I had it bookmarked).
>
> http://www.countryipblocks.net/
>
> It formats the lists in whatever way your choose, depending on how you'll use...

Re: Port question

Mon, 29 Jun 2009 20:39:27 +0200

Posted by Ansgar Wiechers on Jun 29

On 2009-06-26 Murda Mcloud wrote:
>> If anything, you should be worried about ports that show up as
>> "stealth".
>
> Hey Ansgar-do you mean because there is no way of knowing exactly what
> your system is doing with the packet? Therefore no way of knowing...

RE: Port question

Fri, 26 Jun 2009 14:11:10 +1000

Posted by Murda Mcloud on Jun 26

>>If anything, you should be worried about ports that show up as "stealth".

Hey Ansgar-do you mean because there is no way of knowing exactly what your
system is doing with the packet? Therefore no way of knowing that it has
done the 'right' thing? I suppose it could be 'did...

SSH Trojans

Fri, 26 Jun 2009 14:06:54 +1000

Posted by Daniel Hood on Jun 26

List,

Im looking into SSH Trojans, just a general understanding of them so I
can hopefully someday tell the difference between an SSH Trojan and
the rear end of my heel and not have to make stupid "AM I HAX0RED?!?"
forum posts. But after a couple of hours of googling though, I can't...

Designing a capture the flag event

Thu, 25 Jun 2009 14:14:29 -0400

Posted by Chris Teodorski on Jun 25

Hello all,

We are in the process of launching a security user group in Pittsburgh
(Pittsug -- www.pittsug.org). For the kick-off meeting, we are going
to have an offensive CTF game. We have some ideas on how to do this
(and we've googled a good bit) but I was wondering if anyone on the
...

RE: Port question

Thu, 25 Jun 2009 17:16:03 +0100

Posted by Ian Bradshaw on Jun 25

I think 'stealth' means it wont respond with anything to packets sent.

'closed' means it will positively respond saying your not allowed to use this port.

Generally, either is fine, as they will both result in the same action .. i.e. nothing getting though.

Some people prefer to have them all...

RE: Blocking traffic by Country to reduce spam

Thu, 25 Jun 2009 17:15:05 +0100

Posted by Tom Farrar on Jun 25

I've used this method before, and it is effective. My problem with it is
the risk to reliable mail delivery; who knows when someone outside of
the UK/USA or with a mail relay in Paris will need to mail you. I mean,
I never e-mail outside of the UK or USA, but I'd go batsh!t if gmail
started...

Re: Port question

Thu, 25 Jun 2009 09:12:43 -0700

Posted by Marco Shaw on Jun 25

> And don't bother with "Shields Up". If you want to do a portscan, use
> something like nmap.

Since this is a basics list...

Now, let's qualify that a bit... Not everyone is technically savvy
enough to know what to do with such a statement. Nmap requires you
have a system...