Penetration Testing mailing list archives
Re: [PEN-TEST] Firewall identification and penetration
From: Mike Ireton <mike () LIBRITAS COM>
Date: Thu, 24 Aug 2000 00:27:11 -0700
On Sun, 13 Aug 2000, Aurobindo (Robin) Sundaram wrote:
What do people think of auditors or penetration testers having privileged access to start with? Does it save time? Or is it an unfair advantage to start with? Something to note is that since most breakins are from the inside, having a non-privileged user account on the system is probably appropriate.
The advantage in starting with privilidged access, is that you have the opportunity to inspect more closely for 'obscurity' issues that may not be readilly detectable from the outside, and which may be concealing problems that are potentially the most dangerous problems a site has. Going about it from a non-privilidged account wouln't let you see things like, bad grants of sudo powers to users (because sudoers isn't world readable, for example). -- Mike Ireton Senior Systems Engineer Libritas, Inc (Formerly Bay Office Net) - http://www.libritas.com Voice (510) 740-7700 Where do you want to go today? With Linux, I'm already there...
Current thread:
- Re: [PEN-TEST] Firewall identification and penetration Mike Ireton (Aug 24)
- Re: [PEN-TEST] Firewall identification and penetration Ben Lull (Aug 26)