Penetration Testing mailing list archives
Re: [PEN-TEST] Firewall identification and penetration
From: Mike Ireton <mike () LIBRITAS COM>
Date: Fri, 1 Sep 2000 11:14:19 -0700
On Fri, 25 Aug 2000, Ben Lull wrote:
> Seeing a system from a super user's standpoint may allow you to see things which you won't see as a normal user, but it may also cause you to overlook other things which only a normal user would notice. To use the sudo reference above, a super user sees a poorly configured sudoers file. A normal user sees that the account he has allows sudo access. Even if you were to create a very well configured sudoers file, the normal user will not know this, thus spinning off into subsets of tests to determine what can and can't be done with sudo. The sudoers file may be secured, but because the normal user does not know this, he may inadvertently find another security hole which was overlooked.
Oh I agree with you 100%. A tester with non-privileged access is going to pull every trick in the book to GET privileged access, and so will push non-privileged access level to the hilt, pounding on anything in their path. But I still believe it's advantageous to have privileged access for the reason of checking up on systems configurations that may require impossible-to-identify-otherwise conditions to exploit. I think it makes a lot of sense when you consider that most sysadmins (no flames to anyone) don't really have much of a clue when it comes to secure systems configuration and are prone to thinking of 'making it work at all' and leaving it that way once it's going.

--
Mike Ireton
Senior Systems Engineer
Libritas, Inc (Formerly Bay Office Net) - http://www.libritas.com
Voice (510) 740-7700
Where do you want to go today? With Linux, I'm already there...