[prev in list] [next in list] [prev in thread] [next in thread]
List: inet-access
Subject: RE: Qmail spammer tools
From: "Liam Randall" <lrandall () isa-inc ! com>
Date: 2005-04-14 14:07:06
Message-ID: 4973F96289804743A7EE5D929F0EDB405C791C () isa-mail01 ! isa-inc ! com
[Download RAW message or body]
Incidentally if you'd like to learn more about your enemy the \
pen-test@securityfocus.com has a low level of detailed descriptions of attack \
methods/vectors.
The other day some one pointed out this knoppix based pen testing tool that really \
impressed me:
http://www.whoppix.net/
My jaw hit literally hit my desk when I saw the Demo's from the site- flash video's \
with line command by command how-to's of exploits. I actually demo'd the same Cisco \
SNMP vulnerability in a class I taught over one year ago, but the accessibility and \
simplicity of these things boggles the mind. It was one thing to respect the \
technology having learned it over time through careful study and experience. Respect \
for networks comes with knowing what it means to operate networks. I don't remember \
where I read it (fortune?), but with metasploit, whoppix, and nessus out there- "it's \
like giving whiskey and car keys to teenage boys..."
Liam Randall
Network Engineer
-----Original Message-----
From: list-bounces@inet-access.net
[mailto:list-bounces@inet-access.net]On Behalf Of william(at)elan.net
Sent: Wednesday, April 13, 2005 10:07 PM
To: list@inet-access.net
Subject: Re: Qmail spammer tools
On Wed, 13 Apr 2005, Drew Linsalata wrote:
> > But why do you want to know who made the tool anyway, especially since you
> > shut them down before they could spam?
>
> Curiosity, mainly. That, and the old "know your enemy" doctrine. (-:
That doctrine works with hacker tools, i.e. whenever I find system hacked
I always try to find the source rootkit and logs of how it got hacked.
The reasons are to study how it works to better protect against it in the
future and be able to detect it if it happens. However I'm not so sure
such doctrine really applies to spammer tools left on your box by a
customer, while the tools are of some interest to those researching and
tracking spammers, for average sysadmin it'll not not help much.
--
William Leibzon
Elan Networks
william@elan.net
_______________________________________________
"Eat sushi frequently". - Avi
inet@inet-access.net is the human contact address.
list@inet-access.net is the list posting address.
See below URL for subscribe/unsubscribe and list options:
http://inet-access.net/mailman/listinfo/list
_______________________________________________
"Eat sushi frequently". - Avi
inet@inet-access.net is the human contact address.
list@inet-access.net is the list posting address.
See below URL for subscribe/unsubscribe and list options:
http://inet-access.net/mailman/listinfo/list
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic