At 01:28 PM 8/31/2009, AZ RUNE wrote: >This is a sad day indeed Dittos! What integrity we seem to have, huh? There just weren't that many folks there to do this kind of thing...and as a 'newbie', presentations are fine, but just not the same as the real thing.... Seems to me like that's a fair amount of hacking for such a short amount of time and people..........and didn't we each sign some agreement at the last hackfest? Was my system hacked? Good thing it is new, and nothing there, as I had the Linux HD installed........ lyle >>On Aug 31, 2009 11:10 AM, "Lisa Kachold" >><lisakachold@obnosis.com> wrote: >> >>I finally got moved in after all the new townhouse repairs and have >>sorted out and evaluated all the technical details from the past two >>hackfests at the Foundation for Blind Children. >> >>I have found: >> >>1) Multiple successful exploits against my own equipment (4 prior >>Hackfests starting from the first at UAT - 3 systems totally pwned). >>2) Escalated access retention in the way of processes set in place to >>retain access vi port 443 out to various local cox DHCP addresses on >>two of my linux machines from the last Hackfest and from low level >>exploits in a Vista system. >>3) Access to harddrive on systems booted into USB or DVD Backtrack3/4 >>from various local and network users (2 builds accessed on my own >>equipment historically). >> >>There is no way to protect a local shared network outside of TRUST. >>Unless we can assign an IP address to each person who provides their >>address, name, phone number and signs a legally binding agreement, we >>cannot continue. >> >>If I cannot TRUST to keep my systems safe, we cannot continue to >>endanger the networks of the Foundation for Blind Children by allowing >>networking access with pentest tools. >> >>HackFests will continue in presentation only format. No networks, no >>access to school machines with LiveCD's or USB keys will be allowed. >> >>If users would like to bring their systems and follow along that is >>find, but no Wireless access will be available (a WEP2 key is >>available via decrypt in BT4 in 11 minutes). >> >>We will continue to provide media to people wanting to burn a DVD for >>any linux security tool. >> >>-- >>http://linuxgazette.net/165/kachold.html >>(623)239-3392 >>(503)754-4452 www.obnosis.com >>--------------------------------------------------- >>PLUG-discuss mailing list - >>PLUG-discuss@lists.plug.phoenix.az.us >>To subscribe, unsubscribe, or to change your mail settings: >>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >--------------------------------------------------- >PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >To subscribe, unsubscribe, or to change your mail settings: >http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss