OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Re: [Full-disclosure] Putty Proxy login/password discolsure....

From: Michael Holstein (michael.holsteincsuohio.edu)
Date: Thu Nov 02 2006 - 12:12:30 CST


> It's also loads of fun if the box in question is a server that's being
> monitored by Big Brother or similar. Kinda hard to erase the 'red' marker
> on the big screen in the NOC. Similar comments apply to machines that
> report to a central syslog server...

7b) unplug target network cable [thus avoiding the remote syslog issue]

With BigBrother you get 5 minutes (typically) before you create an alarm
.. so, depending on what sort of Oragami is required to get into the
server, that may be possible.

The easiest thing to do though would be just flip the power on a whole
rack (and maybe a few next to it) .. somebody will just figure a janitor
tripped over something.

... or just hit the EPO on the way out of the datacenter. We had that
happen *more than once* at a former site because people mistook it as
the release for the maglocks (which it sort of still was, since those
were on datacenter power).

~Mike.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/