Re: Email Pen-testing

From: Michael Richardson (mcr@sandelman.ottawa.on.ca)
Date: Wed Mar 24 2004 - 14:42:37 EST


-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "Frank" == Frank Knobbe <frank@knobbe.us> writes:
    Frank> an Incident Response Exercise to test the response capabilities of a
    Frank> client. You are less concerned about getting root but instead try to
    Frank> operate stealthy or in an otherwise defined pattern, attempting to
    Frank> penetrate, but allowing others to take notes of the response
    Frank> procedures of the clients incident response team.

  Like, for instance, do the IT people even know who to call once they
have "caught" you?

  In Canada, the responsability for "computer crime" devolved from the
RCMP to the local police forces. Alas, the knowledge and experience did
not get passed down. The Ottawa police, as competent as they are for
most things, spends all their computer time tracking down child porn and
stalkers. If you call them and say, "I'm from Corporation FOO, my
firewall was compromised", they offer to send ... the fire department.

  So, in Ottawa at least, my conclusion is that there isn't a number
that can be called anymore.

- --
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr@xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
  
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQGHkrIqHRg3pndX9AQG4hQP/St4ihxRjdcZSYPne59pUM5//BI05iP1H
zU7ZkqcbKvtqi6uKV08/xUxJldOeH9P7S7tM+NtfcEq0JNTYRKpj8q7IxLSgkd5g
M+J4GM4T2k+QSBVPoG2aHAXpHrOZlSlDYWlyoqhF0gVCBf6tZoBs5aSsbgqWNa7P
ZpEqgBErn9E=
=Hrq3
-----END PGP SIGNATURE-----

---------------------------------------------------------------------------
You're a pen tester, but is google.com still your R&D team?
Now you can get trustworthy commercial-grade exploits and the latest
techniques from a world-class research group.
www.coresecurity.com/promos/sf_ept1
----------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:51 EDT