InstallFest Tomorrow

Dazed_75 lthielster at gmail.com
Fri May 31 18:47:21 MST 2013 

If I implied you were not welcome to attend, I apologize.  I only meant
that we were unlikely to have time to participate in what you were
suggesting with regard to security testing our systems.  Even if our time
were not required, I think you can understand that we would want to know
what was being done and we most often would not have time for that.

You are certainly welcome to attend as are any who would volunteer to help
or to seek assistance.  No, it was not before my time that you did help out
at the installfest unless you only did so prior to 2004.  Since that time I
have probably missed a total of 6 or fewer events and I was in charge of
them ever since Alexander left us.


On Fri, May 31, 2013 at 5:12 PM, Lisa Kachold <lisakachold at obnosis.com>wrote:

> Larry,
>
> Hi my friend, how are you!
>
> On Fri, May 31, 2013 at 3:17 PM, Dazed_75 <lthielster at gmail.com> wrote:
>
>> Sorry Lisa, we are unlikely to have the time for that whether we have the
>> inclination or not.
>>
>> We have a few people known to be coming for various reasons though
>> nothing out of the ordinary.  One fellow set up dual boot with Win8 and
>> Ubuntu and was coming because his wireless was not working but he got it
>> fixed on his own so is no longer planning on being there.
>>
>
> Larry, as in all pentesting, you (and the machines to be tested) would not
> need to be involved (other than turned on).  But the process would be
> terribly boring and I would in fact find nothing, because Linux
> installations today have very few systems that can be exploited right out
> of the box.  Since the first thing we do is to patch everything, there's no
> daemons that would be fingerprinted with exploit code by Metasploit.
>  Additionally, the very small number of exploitable daemons (before
> patching) are not configured generally right out of the box.  A good rule
> of thumb, especially since UAT has some of the best crackers to share a
> network (sending a team to DefCon every year) is to install, update (yum
> update or apt-get update) and THEN turn off selinux, configure cups, etc.
>
> The possible period of time wherein exploitable code would/could be
> available would be very small should the owner have an insecure application
> to install (from backports for instance) and update.
>
> Of course, we are not considering other forms of computer insecurity, such
> as SSH "password testing" or Man in the Middle attacks (sslstrip) which
> anyone can do sharing a network.
>
> I have contributed to driver issue resolution, configuration for EDVO
> cards/modems, complex VPN configurations and kernel building at
> installfests; I think that might have been before your time?
>
> I would come just to see the great outreach this Installfest is for our
> community, expanding Linux/Opensource use while saving older equipment from
> the Micro$oft agenda that would place them into the landfill.
>
>
>>
>> On Fri, May 31, 2013 at 11:24 AM, Lisa Kachold <lisakachold at obnosis.com>wrote:
>>
>>> Anything good happening with the InstallFest tomorrow?
>>>
>>> Can I come and "test" your systems with Metasploit </bad kitty>?
>>>
>>> --
>>>
>>> (503) 754-4452 Android
>>> (623) 239-3392 Skype
>>> (623) 688-3392 Google Voice
>>> **
>>> it-clowns.com <http://it-clowns.com/d/>
>>> Chief Clown
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>
>>
>>
>>
>> --
>> Dazed_75 a.k.a. Larry
>>
>> Please protect my address like I protect yours. When sending messages to
>> multiple recipients, use the BCC: (Blind carbon copy). Remove addresses
>> from a forwarded message body before clicking Send.
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>
>
>
> --
>
> (503) 754-4452 Android
> (623) 239-3392 Skype
> (623) 688-3392 Google Voice
> **
> it-clowns.com <http://it-clowns.com/d/>
> Chief Clown
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>



-- 
Dazed_75 a.k.a. Larry

Please protect my address like I protect yours. When sending messages to
multiple recipients, use the BCC: (Blind carbon copy). Remove addresses
from a forwarded message body before clicking Send.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20130531/90b68904/attachment.html>

More information about the PLUG-discuss mailing list