RE: Laboratory Setup Help (RS)

From: Arturo \ (buanzo@buanzo.com.ar)
Date: 02/03/02


Date: Sun, 3 Feb 2002 09:13:58 -0300 (ART)
From: "Arturo \"Buanzo\" Busleiman" <buanzo@buanzo.com.ar>
To: Marcelo Gulin <gulinma@bytefinder.ath.cx>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 31 Jan 2002, Marcelo Gulin wrote:

> Hi!
Hi everybody!

> Or reverse your search. Search for exploits first and then download
> that apps that you know that are vulnerable. There's a lot of sites
> with local/remote exploits for various daemons.

I believe my original post mas kinda confusing. I didn't want to ask for
vulnerable versions and their corresponding exploits, but for experiences
regarding the creation of such a laboratory from people with expertise in
the area, I've received flames, of course, which I understand now that I
have re-read my original post. As someone said to me "You're asking for
YOUR job to be done?". The answer is NO. Other people sent me original
ideas, interesting facts about lab creation and setup, team coordination,
etc, and what they Attack Plans where. That kind of information is what
I'm now asking. I'm sorry if someone was offended or touched by what I
asked, which was not what I wanted to do. I wouldn't be on this mailing
list if I couldn't find an exploit by myself ;). I'm on vuln-dev, secprog,
bugtraq and sectools too.

Thank you all, specially to the moderator, I kind person.

Arturo "Buanzo" Busleiman -=( RareGaZz-Team Member )=-
http://www.buanzo.com.ar GNU/Linux USERS, MP Ediciones
GNU's es_AR Translation Team Leader
Moderador de Seguridad@alipso.com
Turcin Soluciones Informaticas http://www.turcin.com.ar
PGP/GnuPG Public Key available at horowitz.surfnet.nl
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8XSmI+kypiSoPpFoRAsq0AKDCafOSVVxUFFddNu4WhjEabw/nvgCffik5
dS72yshyKz1ivmwGFLz1hRE=
=TTGd
-----END PGP SIGNATURE-----

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/



Relevant Pages

  • RE: Laboratory Setup Help (RS)
    ... >> This list is provided by the SecurityFocus Security ... For more information on SecurityFocus' SIA service which ... >> vulnerabilities please see: ... >This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • RE: Cross Site Scripting Vulnerabilities - XSS
    ... Cross Site Scripting Vulnerabilities - XSS ... >> This list is provided by the SecurityFocus Security Intelligence ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • Re: Cross Site Scripting Vulnerabilities - XSS
    ... Cross Site Scripting Vulnerabilities - XSS ... >>> This list is provided by the SecurityFocus Security Intelligence ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • RE: Vulnebrability level definition
    ... 'severity' of a given vulnerability, and this severity can change with time. ... different methodologies to rate vulnerabilities and present the associated ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • Re: Scanners and unpublished vulnerabilities - Full Disclosure
    ... AH> vulnerabilities they have notified vendors about. ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)