It's an interesting read: Anonymous speaks: the inside story of the HBGary hack

Lisa Kachold lisakachold at obnosis.com
Fri Feb 18 17:14:33 MST 2011


Post your URLs and I will prove you wrong, Stephen?

Are you an adept Apache/MySQL admin? Do you know the ins and outs of Tomcat
or WebLogic?  Do you understand file security and shell escapes as used for
low-level Linux calls?  Can you ensure your DocumentRoot is properly
protected?

Did you install MySQL to be open to your localhost?  Localhost packet
spoofing is trivial to Metasploit...

Are you certain that every single binary on your system has been patched or
is not vulnerable to buffer overflow, or other types of exploits?

Do you run iptables on each of your systems?

Of course you might just run Nexpose Community Edition on your systems
yourself?


On Fri, Feb 18, 2011 at 4:56 PM, Stephen <cryptworks at gmail.com> wrote:

>
> http://arstechnica.com/tech-policy/news/2011/02/anonymous-speaks-the-inside-story-of-the-hbgary-hack.ars
>
> I'm not a particularly experienced Linux admin, but most of these
> would never have happened on my servers, and I know I would have had
> them tested before I slept well at night. Sheesh...
>
> Maybe if anyone is looking you can submit some resumes? :-)
>
> --
> A mouse trap, placed on top of your alarm clock, will prevent you from
> rolling over and going back to sleep after you hit the snooze button.
>
> Stephen



-- 
(503) 754-4452
(623) 688-3392

Next PLUG Security Team Saturday Noon - 15:00 Gangplankhq.com
http://plug.phoenix.az.us


 http://www.obnosis.com
*Catch My MetaSploit & IP CAM Surveillance
Presentations @ ABLEConf.com in April!*