From: nick leachman (nleachman@gmail.com)
Date: Mon Dec 04 2006 - 08:24:30 EST
Hi,
You mention an image of an AS/400 for vmware - can you please provide details?
- Nick
On 12/3/06, pand0ra <pand0ra.usa@gmail.com> wrote:
> Why is there a discussion on doing an attack against live systems? The
> whole purpose if the topic is to give the administrators a clue on
> security. You can demonstrate that without compromising live systems.
> It takes little time to setup a VM server and attack that without
> risking any live systems. Heck, you could even take the image of a
> live system and use that for your VM server if you wanted to make it
> more realistic. As for an AS/400 or what not there are images of those
> out there as well that will run on VM. But as this is an introduction
> doing something with an AS/400 is excessive. The point can be made
> with a simple Windows\Linux box. It might even be helpful to give the
> admins a hands-on for the demo but that depends on how responsible
> they are and if you can trust them with that information (but then
> again you should be able to trust them regardless or they should not
> be there).
>
> On 12/3/06, Roman Shirokov <insecure@yandex.ru> wrote:
> > Hello, Jerome.
> >
> > You wrote
> >
> >
> > > btw Metasploit could just be used to create a file on a target (a common
> > > technique to show that a system is ownable without disturb it)...
> >
> > > My 3 cents...
> > > /JA
> > > This message was checked by NOD32 antivirus system.
> > > http://www.eset.com
> >
> > Anyway the stack will be corrupted and unhandled execution may crash a
> > system. I think using exploits on the opertional servers which have to
> > function 24x7 is too dangerous. First of all agreement should be
> > signed.
> >
> > --
> > Best regards,
> > Roman
> > securitybox@softhome.net
> > http://securitybox.org.ru
> >
> >
> > ------------------------------------------------------------------------
> > This List Sponsored by: Cenzic
> >
> > Need to secure your web apps?
> > Cenzic Hailstorm finds vulnerabilities fast.
> > Click the link to buy it, try it or download Hailstorm for FREE.
> > http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> > ------------------------------------------------------------------------
> >
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> ------------------------------------------------------------------------
>
>
-- "The Lord bless you and keep you; the Lord make His face to shine upon you, and be gracious to you; the Lord lift up His countenance upon you, and give you peace." Num. 6:24-26 ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:25 EDT