Re: Network Penetration Test
From: Enkidu (enkidu@cliffp.com)
Date: 01/04/03
- Next message: Geo: "Re: VPN and Logon scripts"
- Previous message: Gary K: "Re: Disable Default Shares"
- In reply to: ynotssor: "Re: Network Penetration Test"
- Next in thread: Adam Pavelec: "Re: Network Penetration Test"
- Reply: Adam Pavelec: "Re: Network Penetration Test"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Enkidu <enkidu@cliffp.com> Date: Sun, 05 Jan 2003 10:56:32 +1300
On Sat, 4 Jan 2003 05:38:35 -0800, "ynotssor" <"ynotssor"> wrote:
>"Dmitry Kulshitsky" <dimkin(remove)@mbox.com.au> wrote in message
>news:ugiSxO$sCHA.2296@TK2MSFTNGP10
>>
>> I would like to add that it is also possible to ask some friends who
>> you trust to do such tests from the outside.
>[...]
>
>Many network problems have their source on "the inside". Employees
>can run packet sniffers to see others' passwords in clear text for telnet
>and POP3 sessions.....
>
I'm not sure that that's true these days with fully switched
networks... A packet sniffer is only going to capture packets between
the attacker's computer and whatever machines he/she is connecting to.
A trojan key-logger would be an attackers best bet if he/she wants to
capture passwords, etc.
Cheers,
Cliff
--
The Nats held a Party and no one came.
- Next message: Geo: "Re: VPN and Logon scripts"
- Previous message: Gary K: "Re: Disable Default Shares"
- In reply to: ynotssor: "Re: Network Penetration Test"
- Next in thread: Adam Pavelec: "Re: Network Penetration Test"
- Reply: Adam Pavelec: "Re: Network Penetration Test"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
