Re: [PEN-TEST] Deeper Penetration

["J. Oquendo" <intrusion () ENGINEER COM>]

> > > >
It's hard for something like Tivoli, or a reporting or monitoring tool that is installed on the domain and running 
agents, not to be installed as a privileged
> > > >

Thats what groups are for and hopefully people don't forget that. Its also a good thing to run little neat toys like 
sudo aliong with expect scripts an networks which needs access levels at a higher norm than typical "mom-and-pop" 
networks.

sudo + ipsec + expect over tunneling is probably the best way to have something like Tivoli or any other montoring 
service set up in my opinion. Sure its a bit of a b#tch to set up but thats the fun part.

> > > >
For someone breaking into something, those services that are running as accounts other than LocalSystem or local 
accounts, can be a great thing to find!
> > > >

For someone configuring these services I would hope they would be more clueful when assessing security. Then again if 
this were so many security gurus would be poor :O

sil () disgraced org
sil () antioffline com

______________________________________________
FREE Personalized Email at Mail.com
Sign up at http://www.mail.com/?sr=signup