RE: How to Determine My System Vulnerabilities

["Mike" <mjcarter () ihug co nz>]

You may have nailed it Nick, we used unlocked PCs to shock users into
compliance at my previous company. (One) of the techniques was to send
emails on behalf of the offender.

Looks of surprise and denial from the perceived senders "but I didn't send
that!"
"Lock your PC next time!! And while you're here please re-read this security
policy!"

We only sent to internal addresses though :)

Mike
www.infosec.co.nz

-----Original Message-----
From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Nick
FitzGerald
Sent: Wednesday, January 11, 2006 4:56 PM
To: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] How to Determine My System Vulnerabilities

Eugene.Smith () mpls frb org wrote:

> I have three servers running Linux Red Hat OS.  I would lke to find a 
> source for information regarding "How Too" when it comes to determining 
> what level of kernel, SSH, PHP, ect my servers are running.  I do know how

> to check some of these things but am looking for someone who is very 
> knowledgeble and is willing to answer questions about this OS.

Do I detect a case of "I went to get coffee without locking my 
terminal"??

(Quickly followed by a case of "HR wants to have a talk with <insert 
one of Eugene Smith's co-workers' names here>"...)


Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/