On Tue, 22 Jan 2013 08:14:34 -0500, Rich Kulawiec said: > about that story is that this statement from the company CEO (Edouard Taza): > > "We acted immediately to fix the problem, and were able to do > so before anyone could use it to access private information." > > was not challenged by the article's author, since it is of course an > obvious fabrication.
Yeah, I liked how they didn't know they had gotten probed till the kid *told* them, but were immediately able to verify that they didn't have any other un-noticed exploits of the hole. (Sure, you can easily grep for the scanning tool's footprint, but it takes a lot longer to verify there's no disguised attacks with a different footprint).
pgpgk0X7RrGGW.pgp
Description: PGP signature
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
