Rick Phillips r...@greyheads.net writes:
Just of out of interest, what kind of server are you talking about ?
Briefly, we have been running this server for 5 years principally to serve
learning materials to students. Initially, the server was sanctioned by the
Education Department and it
db db.pub.m...@gmail.com writes:
G'day DB.
Daniel um ... ok. I don't see how a security audit is any different to any
other(audit). Audits should be done.
Absolutely. We are in complete agreement here.
Now I just have one last question, to help me understand what you are trying
to say: what
Daniel,
First, let me say that I am sorry you didn't appreciate the response, and the
implied criticism of your plan. It was absolutely not my intention to offend,
but rather to continue to question my own assumptions in the face of someone
who disagreed with me.
I regret that my
The department is employing a white hat to do a penetration test at
the end of this month and we thought it would be better to be fore
armed. This LMS is very important to us and has significantly helped
our student base lift their average results to be near the top for the
state. They have
IMHO something like this is best done by hiring professionals, as some
random person may or may not have the experience and skills they may or may
not suggest, giving you a false sense of security in their findings.
Anyway, having said that, having a poke around yourself is always fun and
Tony Sceats tony.sce...@gmail.com writes:
IMHO something like this is best done by hiring professionals, as some
random person may or may not have the experience and skills they may or may
not suggest, giving you a false sense of security in their findings.
Rick enquired about professionals.
Rick Phillips r...@greyheads.net writes:
First, let me say that I am sorry you didn't appreciate the response, and
the implied criticism of your plan. It was absolutely not my intention to
offend, but rather to continue to question my own assumptions in the face
of someone who disagreed with
Would any member be interested in conducting a penetration test of a
server I administer?
If so, please contact me off list and I will explain the circumstances.
Thanks,
Rick Phillips
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs:
Rick Phillips r...@greyheads.net writes:
Would any member be interested in conducting a penetration test of a server
I administer? If so, please contact me off list and I will explain the
circumstances.
If it were possible, even in the most general of terms, I would be very
curious to know
Daniel um ... ok. I don't see how a security audit is any different to
any other(audit). Audits should be done.
Rick i hope some one can help you. However, do consider the cost of a
server compromise when you are considering testing / having some one
else look at the server.
2009/10/31 Daniel
Plus what if all the pentester does is take the system offline. If they are
a good pen testing company the will do the full audit as well as the actual
getting in part. Secure policies and design are the best bet usually. Treat
every system like it is going to get owned, if not already and go from
Just of out of interest, what kind of server are you talking about ?
It's a CentOS 5.4 box. Briefly, we have been running this server for 5
years principally to serve learning materials to students. Initially,
the server was sanctioned by the Education Department and it has grown
in
12 matches
Mail list logo