Larry, Hi my friend, how are you! On Fri, May 31, 2013 at 3:17 PM, Dazed_75 wrote: > Sorry Lisa, we are unlikely to have the time for that whether we have the > inclination or not. > > We have a few people known to be coming for various reasons though nothing > out of the ordinary. One fellow set up dual boot with Win8 and Ubuntu and > was coming because his wireless was not working but he got it fixed on his > own so is no longer planning on being there. > Larry, as in all pentesting, you (and the machines to be tested) would not need to be involved (other than turned on). But the process would be terribly boring and I would in fact find nothing, because Linux installations today have very few systems that can be exploited right out of the box. Since the first thing we do is to patch everything, there's no daemons that would be fingerprinted with exploit code by Metasploit. Additionally, the very small number of exploitable daemons (before patching) are not configured generally right out of the box. A good rule of thumb, especially since UAT has some of the best crackers to share a network (sending a team to DefCon every year) is to install, update (yum update or apt-get update) and THEN turn off selinux, configure cups, etc. The possible period of time wherein exploitable code would/could be available would be very small should the owner have an insecure application to install (from backports for instance) and update. Of course, we are not considering other forms of computer insecurity, such as SSH "password testing" or Man in the Middle attacks (sslstrip) which anyone can do sharing a network. I have contributed to driver issue resolution, configuration for EDVO cards/modems, complex VPN configurations and kernel building at installfests; I think that might have been before your time? I would come just to see the great outreach this Installfest is for our community, expanding Linux/Opensource use while saving older equipment from the Micro$oft agenda that would place them into the landfill. > > On Fri, May 31, 2013 at 11:24 AM, Lisa Kachold wrote: > >> Anything good happening with the InstallFest tomorrow? >> >> Can I come and "test" your systems with Metasploit ? >> >> -- >> >> (503) 754-4452 Android >> (623) 239-3392 Skype >> (623) 688-3392 Google Voice >> ** >> it-clowns.com >> Chief Clown >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> --------------------------------------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.phxlinux.org/mailman/listinfo/plug-discuss >> > > > > -- > Dazed_75 a.k.a. Larry > > Please protect my address like I protect yours. When sending messages to > multiple recipients, use the BCC: (Blind carbon copy). Remove addresses > from a forwarded message body before clicking Send. > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > http://lists.phxlinux.org/mailman/listinfo/plug-discuss > -- (503) 754-4452 Android (623) 239-3392 Skype (623) 688-3392 Google Voice ** it-clowns.com Chief Clown