|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: Penetration testing via shrinkware
Stout, Bill (StoutB
pios.com)
Thu, 03 Sep 1998 20:32:48 -0400
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Michael Shields: "Re: Re[2]: password aging"
- Previous message: Colin Campbell: "Re: Network Traffic Violations"
- In reply to: Jim Wamsley 303-673-8163: "Network Traffic Violations"
- Next in thread: Stephen P. Berry: "Re: Penetration testing via shrinkware"
Thanks all for the copious feedback. I posted the question because I
had difficulty expressing to someone the inadaquacy of using shrinkware
alone. I believe I can express that point now.
The point I was missing was this:
Shrinkware only highlights possible entry points, and doesn't exploit
them or artfully combine vulnerabilities into an 'exploit mosaic', a
clear compelling picture of the penetration. It takes a skilled
artistic human to create art, a technical human would merely glue the
vulnerabilities together into a mess.
An '3l33t3 hacker' dynamically adapts to the set of vulnerabilities
presented before him, he uses his experience, knowledge and input from
others to exploit what he discovers, piecing together a puzzle through
intellect, not from an instruction sheet. A real hacking experience is
an R&D work in progress, not an autonomon scripting (or manually keying
in a script of) known techniques that worked for one given situation.
Thanks for the feedback.
Bill Stout
- Next message: Michael Shields: "Re: Re[2]: password aging"
- Previous message: Colin Campbell: "Re: Network Traffic Violations"
- In reply to: Jim Wamsley 303-673-8163: "Network Traffic Violations"
- Next in thread: Stephen P. Berry: "Re: Penetration testing via shrinkware"
This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:11:46 CDT