You can dump the local cached hashes, take a domain admins, and use a pass
the hash attack, which has been around for a while, such as: Hernan Ochoa /
http://oss.coresecurity.com/projects/pshtoolkit.htm
I don't see this being any more concerning. Whatever you do in the above,
is under the other
You can send these messages directly to the trash with Gmail -- play
with the filters.
On the top right dropdown, where it has reply, choose "Filter messages
like this"
Putting "n3td3v" in "has the words:" will mark the message. click
next, and choose "delete it" or "skip the inbox", for instanc
What I really want to know, is if a past customer (err - reader?) of sec
review surfaces with a negative opinion of them, will you adjust your grade
accordingly?
On Dec 20, 2007 1:20 PM, Sec Review Sucks <[EMAIL PROTECTED]>
wrote:
> This rating is based entirely off my personal feelings after r
Yes, a blog is an opinion, typically. And a blog that reviews a
product, *tried
the product.* Seriously, find a blog that reviewed a product without
actually trying it, but almost purely by looking at the marketing material
on the product.
That's an incredibly fundamental difference which makes
Well for starters, writing a company/service review by reading their website
is akin to doing a movie review by looking at the trailer, think about it.
Second: people go to qualys resellers for the addon services/extra value
that you can get/they may provide, as opposed to the stock services provi
I think it was more as a statement regarding the maturity of security tools
on each platform. for instance, for wireless, linux has far more tools, and
a wider variety, for that work, than windows, and the tools have fewer
limitations... and that's an opinion from an mcse+i/mcdba/mcse:security.
ya but has anyone seen it exploited in the wild, outside of perhaps
defcon/blackhat/conferences, etc? I think I have a greater threat of
spilling a soda on my laptop.
On 7/2/07, coderman <[EMAIL PROTECTED]> wrote:
On 7/2/07, Joshua Ogle <[EMAIL PROTECTED]> wrote:
> ... I've now found a live CD
verage with ARP replay on an 802.11g network.
About 20 seconds average if the network is going full blast on its own.
http://blogs.techrepublic.com.com/Ou/?p=464
George
Original Message
Subject: Re: [Full-disclosure] WEEPING FOR WEP
From: "Mike Vasquez" <[EMAIL PROTE
And traffic rate shouldn't be in the discussion either, since arp-replay
allows enough packets to be captured, on most home equipment, in about 20
minutes if you're unlucky, and attacking 128-bit wep. 64 bit keys can be
had in under 5 minutes, 128 in under 10, and all you have to do is be
connect
While I haven't done anything specifically with SMB, I did come up with the
following a few years back: it might prove useful in your research:
http://www.adminprep.com/articles/default.asp?action=show&articleid=52
It covers taking an ethereal data cap, and taking portions of it to come up
with
1) I'm sure none of you can imagine this, but sometimes running and startup
configs aren't the same. YES it's TRUE! So, your approach could be
disastrous and is really ill advised.
2) Nmap may not give reliable results from all sites. Surely you've
encounted ACLs that caused erroneous nmap res
11 matches
Mail list logo
