RE: Odd situation, advice needed on penetration test results
From: Vitaly Osipov (firstname.lastname@example.org)
Date: Thu, 27 Mar 2003 11:13:23 +0300
To: <firstname.lastname@example.org>
Guys, you are missing something here. The original poster's concern was
what to do with the 0-day exploits, rootkit and sources from security
vendors discovered on the machine. They could simply report to all
vendors involved, but as I understand their client does not want to be
mentioned in relation to this. This is not a technical, but a
Vitaly Osipov, CISSP, CCSE, CCNA
> -----Original Message-----
> From: Harlan Carvey [mailto:email@example.com]
> Sent: Thursday, March 27, 2003 1:02 AM
> To: firstname.lastname@example.org
> Subject: Re: Odd situation, advice needed on penetration test results
> > While catching this person is obviously of
> > the more critical step to take is to secure the
> > for forensic analysis.
> I would agree that the system needs to be secured, but
> what good does shutting down the system do if you
> lose all of the volatile data, such as running
> processes, network connections, etc? How do you trace
> the issue back to whomever is responsible if you don't
> even know what IP address they're coming from, b/c
> you've lost the volatile data?
> > I would recommend that the your
> > client unplug the power from the system (hopefully
> > intruder has not setup a logic bomb that triggers if
> > network interface goes down).
> I'm not sure I completely understand your reasoning
> here. If you unplug the power from the system, and
> the NIC goes down (due to lack of power), wouldn't the
> system itself shut off? Wouldn't the hard drive stop
> spinning and the CPU no longer process instructions?
> If that's the case...how's a logic bomb going to