Re: [Full-disclosure] RE: End users as security devices

2005-06-13 Thread Valdis . Kletnieks
On Mon, 13 Jun 2005 21:42:09 CDT, Ron DuFresne said: > Ron DuFresne > http://ars.userfriendly.org/cartoons/?id=20030210&mode=classic Unfortunately, there's one at every site: http://ars.userfriendly.org/cartoons/?id=20030211&mode=classic

Re: [Full-disclosure] RE: End users as security devices

2005-06-13 Thread Ron DuFresne
> > Don't lose faith, don't give up, keep explaining, and training. You CAN > make end users proactive participants in enterprise security. Just > remember, there will always be a few intellectually challenged folks who > need a bit of extra mentoring. Try to be patient, and NO, you can't put > h

[Full-disclosure] NDSS '06 -- Call for Papers

2005-06-13 Thread Karen Seo
** My apologies if you receive multiple copies of this message. ** CALL FOR PAPERS for the 13TH ANNUAL NETWORK AND DISTRIBUTED SYSTEM SECURITY SYMPOSIUM (NDSS'06) February 1st, 2006 - Pre-Conference Workshop February 2-3, 2006 - Symposium

[Full-disclosure] [ GLSA 200506-12 ] MediaWiki: Cross-site scripting vulnerability

2005-06-13 Thread Sune Kloppenborg Jeppesen
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200506-12 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - -

[Full-disclosure] UPDATE: [ GLSA 200505-06 ] TCPDump: Decoding routines Denial of Service vulnerability

2005-06-13 Thread Thierry Carrez
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory [UPDATE] GLSA 200505-06:02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - -

RE: [Full-disclosure] alya.cgi

2005-06-13 Thread Todd Towles
It appears to be a CGI dropped by a hacker tool. It may execute shell commands from several different directories. Doesn't anyone use Google anymore? Just because Nessus says alya.cgi could be a backdoor doesn't mean it is. Nessus is a very good VA scanner, but it does produce a fair amount of

Re: [Full-disclosure] Web application Security Scanner

2005-06-13 Thread Valdis . Kletnieks
On Mon, 13 Jun 2005 22:49:28 +0400, alex said: > Try to use the freeware service (owned by Cisco Systems and Positive > Technologies) - www.freescan.ru. This service can help find many unknown > bugs in custom Web applications. > > I shall test all these programs; tomorrow I will send my results. > > For e

[Full-disclosure] alya.cgi

2005-06-13 Thread Nobody Special
I ran a Nessus scan on my neighbor's SonicWall firewall appliance's IP address and found out there is an alya.cgi file, which is ranked as HIGH risk. However, no one knows what it does besides that "alya.cgi is a cgi backdoor distributed with multiple rootkits." Does anyone on the list know what this c

RE: [Full-disclosure] Web application Security Scanner

2005-06-13 Thread alex
Try to use the freeware service (owned by Cisco Systems and Positive Technologies) - www.freescan.ru. This service can help find many unknown bugs in custom Web applications. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Todd Towles Sent: Monday, June 13, 20

Re: [Full-disclosure] Web application Security Scanner

2005-06-13 Thread deepquest
http://www.0x90.org/releases/absinthe/
http://www.nessus.org/download/ with some plugins
http://www.cirt.net/code/nikto.shtml
The "best" depends on your target, the OS you use, and whether you are looking for open-source products or commercial ones. Just google; there are many of them. Deepquest "Justification of windows

RE: [Full-disclosure] Web application Security Scanner

2005-06-13 Thread Todd Towles
The list is right, pen-testing isn't as easy as running one tool. If there was a "best" tool that found everything, then why would people use any other tool? Going to attack Russian Google? Well, glad you said it on here... that will make it hard for them to trace you down.. lol > -Original M

RE: [Full-disclosure] Web application Security Scanner

2005-06-13 Thread tgoogle
OK, I will define my task concretely. I wish to quickly find potential holes (XSS, SQL injection, etc.) in any Web site, for example www.yandex.ru. I do not know what OS or database is used on the server. Many programs can find only known CGI bugs or need some interaction with the database or envir

Re: [Full-disclosure] Web application Security Scanner

2005-06-13 Thread Valdis . Kletnieks
On Mon, 13 Jun 2005 21:10:19 +0400, tgoogle said: > I need the BEST program, which can find the maximum number of bugs in any custom Web > application. I doubt you'll find one "best" program, as there's too much diversity. There's probably someplace running CGI written in COBOL. And somebody probably has a scann

Re: [Full-disclosure] Web application Security Scanner

2005-06-13 Thread tgoogle
Thanks, I shall test all these programs; tomorrow I will send my results. For example, I will try to find vulnerabilities in the www.yandex.ru and www.google.ru sites :). Do you really consider that all these programs are capable of finding vulnerabilities in UNKNOWN scripts? I need the BEST program, which can find Maxi

RE: [Full-disclosure] Web application Security Scanner

2005-06-13 Thread alex
Maxpatrol - www.maxpatrol.com "Maxpatrol inspects all scripts installed on server for vulnerabilities allowing unauthorized file access, data access or manipulation or possible termination of service using intelligent algorithms." -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL

[Full-disclosure] Web application Security Scanner

2005-06-13 Thread tgoogle
Do you know the best Web app security scanner? I need a scanner which would find SQL injections, XSS, PHP include and other bugs in unknown Web applications. Thanks ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure