Security Basics (basics) Mailing List

Re: FakeAlert virus removal

Tue, 2 Dec 2008 16:03:15 -0500

Posted by Alexander Swensen on Dec 2

On Tuesday 02 December 2008 3:07:34 pm John Williams wrote:
> Dear LIst,
>
> I am working with a small local police department to resolve a malware
> issue on their police web site. When the web site is access directly
> from a browser address bar, the web site displays...

FakeAlert virus removal

Tue, 2 Dec 2008 15:07:34 -0500

Posted by John Williams on Dec 2

Dear LIst,

I am working with a small local police department to resolve a malware
issue on their police web site. When the web site is access directly
from a browser address bar, the web site displays properly. But when
the web site is accessed via a google search, the "FakeAlert"...

kjtsiteserver

Tue, 2 Dec 2008 11:39:32 -0600

Posted by Greg Jones on Dec 2

Does anyone know what this service (kjtsiteserver) actually does? It
uses port 1339, but I've been searching for an article that describes
what it is exactly and what program or service uses it.

Thank you in advance!

Sincerely,

Greg Jones

This e-mail and any...

RE: Creating my own personal Linux distribution for Penetration Testing and White-Hat Hacking

Tue, 2 Dec 2008 12:10:57 -0500

Posted by Donovan Michael Contractor DC3 on Dec 2

Backtrack 4 is going Ubuntu, according to Emanuele Gentili:

http://swik.net/Ubuntu/Planet+Ubuntu/Emanuele+Gentili:+BackTrack4+choose+Ubu
ntu!/ccujx

-----Original Message-----
From: listbounce_at_securityfocus.com [mailto:listbounce_at_securityfocus.com] On
Behalf Of...

Re: Creating my own personal Linux distribution for PenetrationTesting and White-Hat Hacking

Tue, 2 Dec 2008 16:58:55 +0000

Posted by craftypuma_at_gmail.com on Dec 2

I don't understand why you don't just want to use Backtrack?

Sent from my Verizon Wireless BlackBerry

-----Original Message-----
From: "Tiago 'gouki' Faria" <gouki_at_goukihq.org>

Date: Mon, 01 Dec 2008 17:25:09
To:...

Re: Creating my own personal Linux distribution for Penetration Testing and White-Hat Hacking

1 Dec 2008 23:02:02 -0000

Posted by cshaffer_at_gmail.com on Dec 1

('binary' encoding is not supported, stored as-is) I'd say go with back track and forget the legwork :)

http://www.remote-exploit.org/backtrack.html
Received on Dec 02 2008

Re: Creating my own personal Linux distribution for Penetration Testing and White-Hat Hacking

Mon, 1 Dec 2008 13:24:41 -0700

Posted by krymson_at_gmail.com on Dec 1

('binary' encoding is not supported, stored as-is) This isn't a tool request but rather a suggestion:

For the livecd version (if you have one), make the bootup be stealthy on the network, i.e. don't immediately yell out on the wire for an IP or hope on the first open wireless network.

This was...

Re: First day and week as CISO?

Mon, 1 Dec 2008 22:04:11 +0100

Posted by Franck Vervial on Dec 1

I am not a CISO but if I was one, my first day / first week job would be :

1) have a company presentation :
    - organization chart
    - assets and which are the more important for the business
    - infractructures of SI...

RE: First day and week as CISO?

Mon, 1 Dec 2008 14:24:56 -0600

Posted by Robertson Seth on Dec 1

Conduct a fresh organization-wide risk assessment to determine the
stregths and weaknesses of the information security controls and
practices; the existing security staff probably know a handful of
weaknesses off-hand (sore points which they have previously been
unsuccessful at better...

Re: Creating my own personal Linux distribution for Penetration Testing and White-Hat Hacking

Mon, 1 Dec 2008 19:47:20 +0100

Posted by Alvaro Durán Tovar on Dec 1

Hello,

I'm going to recommend thouse:

aircrack-ng
netscan.exe
enum.exe
hping3
dsniff
lynis (to make a quick scan for a security audit)
Etherape (to have a friendly image about the communications)

Regards.

PS: I want to know if you will offer this distribution for free download, and...

Re: Creating my own personal Linux distribution for Penetration Testing and White-Hat Hacking

Mon, 1 Dec 2008 12:45:38 -0500

Posted by Shawn Merdinger on Dec 1

Hi Chip,

You might want to take a look at Nubuntu - http://www.nubuntu.org/

It's a good learning experience to roll your own distro, and other
projects' information, guides and forums can help you to avoid common
pitfalls.

On Mon, Dec 1, 2008 at 6:42 AM, Chip Panarchy...

Re: Creating my own personal Linux distribution for Penetration Testing and White-Hat Hacking

Mon, 01 Dec 2008 18:44:05 +0100

Posted by Esteban Diez Laiz on Dec 01

Hello Chip Panarchy,

First, it's a very good idea !
Second : Here is my personal opinion since i'm not an expert in
pentesting.

1- get a ride of Cain an Abel, too slow. It's better to get some
tutorials for john the ripper and wireshack. For a newbee it's a good
feeling to click an see...

Re: Re: First day and week as CISO?

Mon, 1 Dec 2008 20:33:07 -0700

Posted by bill_smith_66_at_hotmail.com on Dec 1

('binary' encoding is not supported, stored as-is) Request a briefing on all on-going security operations (scans, IPS, IDS, log reviews, etc) to get a firm graps of threats and potential exploits

Review of any and ALL C & A Packages.

Review how systems are prepared for deployment, deployed...

Re: Creating my own personal Linux distribution for Penetration Testing and White-Hat Hacking

Mon, 1 Dec 2008 19:31:28 +0200

Posted by Razi Shaban on Dec 1

On Mon, Dec 1, 2008 at 1:42 PM, Chip Panarchy <forumanarchy_at_gmail.com> wrote:
> Greetings,
>
> Recently I have been working on a distribution of Linux built on
> Debian... to get more specific, built on Linux -> Debian -> Ubuntu
> 8.10 -> Super Ubuntu....

Re: Re: First day and week as CISO?

Mon, 1 Dec 2008 13:52:41 -0700

Posted by infosec.manager_at_gmail.com on Dec 1

('binary' encoding is not supported, stored as-is) Your first day and week will largely be used to meet the key decision makers, and to begin building relationships. At this stage, you should try to understand what do these people think is important to protect. Often, one is surprised as to what...