[sf-lug] Advantages of distro package regimes
Charles N Wyble
charles at thewybles.com
Thu Dec 27 09:21:38 PST 2007
Kristian Erik Hermansen wrote:
> On Dec 26, 2007 4:09 PM, Charles N Wyble <charles at thewybles.com> wrote:
> That is a great learning experience for sure on the side of the
> defender. Have you ever played the attacker role?
Certainly. To effectively defend your systems you must attack them. I
have done that many times against many networks which I have been
responsible for securing.
> It takes a
> different mind set.
It certainly does.
> Many people are better at it than I am, and
> probably you as well. Some have been doing it since pre-teen years...
Yes there are many skilled attackers in the wild. I have battled them
many times. I have always won. Always.
> The discussion was meant for the list, and not merely for you. Anyone
> can participate, so please don't make it seem as if I were
> trivializing your experience...
You are correct. :)
> Of course it is very easy to detect this activity. I was not trying
> to be stealthy in my scanning. Note the -T5 option and use of a
> common tool rather than some customized code...
>> Have you ever heard of a honeypot? The nmap output below is quite common
>> on systems that are running honeypot software.
> Sure, and I have seen many talks by Lance Spitzner. They still won't
> defend against social engineering the DNS updates :-P
Um... I wasn't talking about that at all. I was referring to the reason
that so many ports appeared to be open/available.
More information about the sf-lug