Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: Re: Remote Desktop Security

Re: Remote Desktop Security

From: Kish Pent <kish_pent_at_yahoo.com>
Date: Tue, 2 Sep 2008 00:13:54 -0700 (PDT)

Hi Nate,

The point of having compliance as I understand is to "be marketable" to your customers (from their perspective) ... most people than not who've passed compliance will fail a thorough pen-test, hands down ;)

We all know that compliance is crap to begin with, but that's the sad reality.

Cheers :)
Kish 

--
Kishore Parthasarathy, 
Penetration Tester, Smart Security,
17/1,Upstairs, Sarojini St,T.Nagar, 
Chennai - 600 017
Phone: 91 98841 80767
--- On Sun, 8/31/08, Nate McFeters <nate.mcfeters_at_gmail.com> wrote:
> From: Nate McFeters <nate.mcfeters_at_gmail.com>
> Subject: Re: Remote Desktop Security
> To: kish_pent_at_yahoo.com
> Cc: webappsec_at_securityfocus.com, "jaredmalthus" <jared.malthus_at_gmail.com>
> Date: Sunday, August 31, 2008, 5:50 PM
> Hard to believe someone would PCI certify LogMeIn.  Makes me
> lose my faith
> in PCI... oh wait, I never had any faith in it to begin
> with.
> 
> -Nate
> 
> On Sun, Aug 31, 2008 at 5:45 AM, Kish Pent
> <kish_pent_at_yahoo.com> wrote:
> 
> > Try RSASecurID or Phonefactor's two factor
> authentication scheme.
> >
> > Overview of what is available in LogMeIn Pro version
> can be found here,
> >
> > https://secure.logmein.com/security.asp
> >
> > Documentation of security features for LogMeIn can be
> found here...
> >
> >
> https://secure.logmein.com/documentation/Security/wp_lmi_security.pdf
> >
> > Cheers :)
> > Kish
> >
> >
> > --
> > Kishore Parthasarathy,
> > Penetration Tester, Smart Security,
> > 17/1,Upstairs, Sarojini St,T.Nagar,
> > Chennai - 600 017
> >
> > Phone: 91 98841 80767
> >
> > --- On Sat, 8/30/08, jaredmalthus
> <jared.malthus_at_gmail.com> wrote:
> >
> > > From: jaredmalthus
> <jared.malthus_at_gmail.com>
> > > Subject: Remote Desktop Security
> > > To: webappsec_at_securityfocus.com
> > > Date: Saturday, August 30, 2008, 6:47 PM
> >  > I need to be PCI compliant using a remote access
> program
> > > called LogMeIn.
> > > Does anyone have any suggestions on two-factor
> > > authentication solutions that
> > > work with LogMeIn?
> > > --
> > > View this message in context:
> > >
> http://www.nabble.com/Remote-Desktop-Security-tp19238126p19238126.html
> > > Sent from the Web App Security mailing list
> archive at
> > > Nabble.com.
> > >
> > >
> > >
> -------------------------------------------------------------------------
> > > Sponsored by: Watchfire
> > > Methodologies & Tools for Web Application
> Security
> > > Assessment
> > > With the rapid rise in the number and types of
> security
> > > threats, web application security assessments
> should be
> > > considered a crucial phase in the development of
> any web
> > > application. What methodology should be followed?
> What tools
> > > can accelerate the assessment process? Download
> this
> > > Whitepaper today!
> > >
> > >
> https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
> > >
> -------------------------------------------------------------------------
> >
> >
> >
> >
> >
> -------------------------------------------------------------------------
> > Sponsored by: Watchfire
> > Methodologies & Tools for Web Application Security
> Assessment
> > With the rapid rise in the number and types of
> security threats, web
> > application security assessments should be considered
> a crucial phase in the
> > development of any web application. What methodology
> should be followed?
> > What tools can accelerate the assessment process?
> Download this Whitepaper
> > today!
> >
> >
> https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
> >
> -------------------------------------------------------------------------
> >
> >
      
-------------------------------------------------------------------------
Sponsored by: Watchfire 
Methodologies & Tools for Web Application Security Assessment 
With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! 
https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------
Received on Sep 02 2008
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos