Re: Odd situation, advice needed on penentration test results

From: Harlan Carvey (keydet89@yahoo.com)
Date: 03/26/03

  • Next message: saraf@hushmail.com: "Thankyou" 
    Date: Wed, 26 Mar 2003 14:01:44 -0800 (PST)
From: Harlan Carvey <keydet89@yahoo.com>
To: pen-test@securityfocus.com

    Ido,

    > While catching this person is obviously of
    importance,
    > the more critical step to take is to secure the
    system
    > for forensic analysis.

    I would agree that the system needs to be secured, but
    what good does shutting down the system do if you
    loose all of the volatile data, such as running
    processes, network connections, etc? How do you trace
    the issue back to whomever is responsible if you don't
    even know what IP address they're coming from, b/c
    you've lost the volatile data?

    > I would recommend that the your
    > client unplug the power from the system (hopefully
    the
    > intruder has not setup a logic bomb that triggers if
    the
    > network interface goes down).

    I'm not sure I completely understand your reasoning
    here. If you unplug the power from the system, and
    the NIC goes down (due to lack of power), wouldn't the
    system itself shut off? Wouldn't the hard drive stop
    spinning and the CPU no longer process instructions?

    If that's the case...how's a logic bomb going to
    execute?

    Thanks,

    Harlan

    __________________________________________________
    Do you Yahoo!?
    Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!
    http://platinum.yahoo.com

    top spam and e-mail risk at the gateway.
    SurfControl E-mail Filter puts the brakes on spam & viruses
    and gives you the reports to prove it. See exactly how much
    junk never even makes it in the door. Free 30-day trial:
    http://www.surfcontrol.com/go/zsfptl1

  • Next message: saraf@hushmail.com: "Thankyou"

    Relevant Pages

    • Re: Vetting
      ... question of what they are trying to accomplish. ... to secure their power for self gratification you are right. ... this shows your real agenda and it's basically the FAUX NEws agenda of ...
      (misc.transport.road)
    • Try not to rid the ears about, sum them overall.
      ... Her complete and secure dominance. ... man sees only her power, which he loves to feel as his own; ... but a power that exists only within her sphere of submission. ...
      (sci.crypt)
    • Re: James Watsons Idiocy & The Racists Lack of Control Of Himself
      ... my concentrated attention on the faults of the feminine ... Her complete and secure dominance. ... man sees only her power, which he loves to feel as his own; ...
      (comp.robotics.misc)
    • Re: Man gets nine years for spamming
      ... Rich Grise wrote: ... You still need a spam filter. ... > So somebody should publish a "list of known spammers" and some blocker ... A simple way to create a secure e-mail network and keep existing ...
      (sci.electronics.design)
    • Re: Security problem at Gmail.com
      ... >> You could try disabling "warn if changing between secure to not secure ... >> images, and thus prevent the problem in the first place. ... > So you are suggesting using Google to defeat Google, ... And to be fair, the problem is not Google, per se, but SPAM. ...
      (microsoft.public.windowsxp.help_and_support)