[sf-lug] Advantages of distro package regimes

Charles N Wyble charles at thewybles.com
Thu Dec 27 09:21:38 PST 2007


Kristian Erik Hermansen wrote:
> On Dec 26, 2007 4:09 PM, Charles N Wyble <charles at thewybles.com> wrote:
>   
>>     
>
> That is a great learning experience for sure on the side of the
> defender.  Have you ever played the attacker role? 

Certainly. To effectively defend your systems you must attack them. I 
have done that many times against many networks which I have been 
responsible for securing.

>  It takes a
> different mind set. 

It certainly does.

>  Many people are better at it than I am, and
> probably you as well.  Some have been doing it since pre-teen years...
>   

Yes there are many skilled attackers in the wild. I have battled them 
many times. I have always won. Always.

>
>   
>
> The discussion was meant for the list, and not merely for you.  Anyone
> can participate, so please don't make it seem as if I were
> trivializing your experience...
>   

You are correct. :)

>
>   
>
> Of course it is very easy to detect this activity.  I was not trying
> to be stealthy in my scanning.  Note the -T5 option and use of a
> common tool rather than some customized code...
>   

Yep.

>   
>> Have you ever heard of a honeypot? The nmap output below is quite common
>> on systems that are running honeypot software.
>>     
>
> Sure, and I have seen many talks by Lance Spitzner.  They still won't
> defend against social engineering the DNS updates :-P
>   

Um... I wasn't talking about that at all. I was referring to the reason 
that so many ports appeared to be open/available.






More information about the sf-lug mailing list