Re: [Dailydave] Herps

From: wirepair (wirepairroguemail.net)
Date: Fri Feb 27 2004 - 20:28:38 CST


I know exactly what you mean; I always strip that stuff out. It also depresses me when a client uses
a web-based tool such as McAfee and freaks out because I 'didn't find' the ICMP timestamp crap. I even
went as far as creating a database for Nessus where I can plug in the 'relevant' plugin IDs (also to correct
a lot of the false information in the plugins). Ah well,
-wire

On Fri, 27 Feb 2004 20:01:15 -0500
  Dave Aitel <daveimmunitysec.com> wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>So I just finished a week-long assessment of a software product and
>didn't even find a way to crash it. This sort of thing is very
>depressing to me, but does occasionally happen. It's like another
>assessment I did recently of a web application where the most
>interesting thing I found was cross-site-scripting.
>
>I occasionally hear people say "We always find something in our
>assessments. We've never failed to get in." Usually the way they
>justify this is by putting ICMP timestamp on their deliverables (or
>the equivalent - can we just take that out of Nessus now and stop
>having to see it ever again? So many other protocols (SMB and RSYNC
>for example) give you the current time that it's really not an issue.
>It's really not. Please, please take it out of your vulnerability
>database, Nessus team, if you read this).
>
>I have to think that if you find something major on everything you
>assess that you are:
>1. Way ahead of your time, skill-wise...like the ADM/ISS X-Force
>people, various people on this list who hate being named, MaXX, etc.
>or
>2. Fooling yourself. Most likely you need to do harder projects (Peter
>Winter-Smith - shareware.com will run out of Windows servers
>eventually...why not try to find something in Red Hat 9?). One fun game
>is to look at something that just had an advisory released on it. Then
>go find something on that. This is also a very productive game,
>because everyone will have just updated, and so they will all have the
>same version. If the product was really buggy, whoever looked at it
>the first time might have found five or six bugs, and then given up.
>The vendor probably only fixed four of those.
>
>- -dave
>P.S. A "Herp" is short for a "reptile". It's funny how owning reptiles
>is a "hobby" - often linked with doing scientific experiments on
>insects (the latest copy of Reptiles magazine had a whole article on
>ant breeding) whereas owning a cat or dog is just having a pet. What's
>up with that?
>
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.2.1 (GNU/Linux)
>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
>iD8DBQFAP+hbzOrqAtg8JS8RAqo1AKDqgVMv2iM1fVjQroKdxdu5GSVJ3wCg/ATi
>gC+lTDvGr18WO8/NBdWAvug=
>=V1MH
>-----END PGP SIGNATURE-----
>
>_______________________________________________
>Dailydave mailing list
>Dailydavelists.immunitysec.com
>http://www.immunitysec.com/mailman/listinfo/dailydave
