RE: Apple pentesting

From: Todd Towles (toddtowles_at_brookshires.com)
Date: 04/05/05

  • Next message: Erik Winkler: "Re: Apple pentesting" 
    Date: Tue, 5 Apr 2005 13:59:29 -0500
To: "Altheide, Cory B. (IARC)" <AltheideC@nv.doe.gov>

    And I ask you where is the expoit information? What is the
    vulnerability? Do exploits exist? Can you test if you are vulnerability?
    These is a site that list patches..not the same thing. Interesting that
    you think they are the same. Apple doesn't follow Full-Disclourse, that
    was my point.

    I didn't mean they don't patch...

    > -----Original Message-----
    > From: Altheide, Cory B. (IARC) [mailto:AltheideC@nv.doe.gov]
    > Sent: Tuesday, April 05, 2005 1:55 PM
    > To: Todd Towles; Julian Totzek; pen-test@securityfocus.com
    > Subject: RE: Apple pentesting
    >
    > > -----Original Message-----
    > > From: Todd Towles [mailto:toddtowles@brookshires.com]
    > > Sent: Tuesday, April 05, 2005 10:48 AM
    > > To: Julian Totzek; pen-test@securityfocus.com
    > > Subject: RE: Apple pentesting
    > >
    > >
    > > Nessus does work against Macs, the problem with testing
    > Macs is they
    > > never released vulnerability statements..never. If a hole is found,
    > > Apple releases a patch and no ones says anything. If Microsoft did
    > > this..everyone would go crazy.
    >
    > I'm gonna go out on a limb and say you don't know what you're
    > talking about.
    >
    > Protip: Google for 'apple security' and this is the first hit.
    >
    > http://docs.info.apple.com/article.html?artnum=61798
    >
    >
    > Cory Altheide
    > Senior Network Forensics Specialist
    > NNSA Information Assurance Response Center (IARC)
    > altheidec@nv.doe.gov "I have taken all knowledge to be my
    > province." -- Francis Bacon
    >
    >

  • Next message: Erik Winkler: "Re: Apple pentesting"

    Relevant Pages