Larry, On Fri, May 31, 2013 at 6:47 PM, Dazed_75 wrote: > If I implied you were not welcome to attend, I apologize. I only meant > that we were unlikely to have time to participate in what you were > suggesting with regard to security testing our systems. Even if our time > were not required, I think you can understand that we would want to know > what was being done and we most often would not have time for that > Laugh! You are kidding me right? What's to stop the UAT students from "testing" your systems or security? I am sure you would want to know! If you implied I was not welcome to attend, Larry, I would ignore it, just as I ignore all the other inappropriate statements and demands that fly around! > > You are certainly welcome to attend as are any who would volunteer to help > or to seek assistance. No, it was not before my time that you did help out > at the installfest unless you only did so prior to 2004. Since that time I > have probably missed a total of 6 or fewer events and I was in charge of > them ever since Alexander left us. > I know Larry, you are a phenomenal resource. > > > On Fri, May 31, 2013 at 5:12 PM, Lisa Kachold wrote: > >> Larry, >> >> Hi my friend, how are you! >> >> On Fri, May 31, 2013 at 3:17 PM, Dazed_75 wrote: >> >>> Sorry Lisa, we are unlikely to have the time for that whether we have >>> the inclination or not. >>> >>> We have a few people known to be coming for various reasons though >>> nothing out of the ordinary. One fellow set up dual boot with Win8 and >>> Ubuntu and was coming because his wireless was not working but he got it >>> fixed on his own so is no longer planning on being there. >>> >> >> Larry, as in all pentesting, you (and the machines to be tested) would >> not need to be involved (other than turned on). But the process would be >> terribly boring and I would in fact find nothing, because Linux >> installations today have very few systems that can be exploited right out >> of the box. Since the first thing we do is to patch everything, there's no >> daemons that would be fingerprinted with exploit code by Metasploit. >> Additionally, the very small number of exploitable daemons (before >> patching) are not configured generally right out of the box. A good rule >> of thumb, especially since UAT has some of the best crackers to share a >> network (sending a team to DefCon every year) is to install, update (yum >> update or apt-get update) and THEN turn off selinux, configure cups, etc. >> >> The possible period of time wherein exploitable code would/could be >> available would be very small should the owner have an insecure application >> to install (from backports for instance) and update. >> >> Of course, we are not considering other forms of computer insecurity, >> such as SSH "password testing" or Man in the Middle attacks (sslstrip) >> which anyone can do sharing a network. >> >> I have contributed to driver issue resolution, configuration for EDVO >> cards/modems, complex VPN configurations and kernel building at >> installfests; I think that might have been before your time? >> >> I would come just to see the great outreach this Installfest is for our >> community, expanding Linux/Opensource use while saving older equipment from >> the Micro$oft agenda that would place them into the landfill. >> >> >>> >>> On Fri, May 31, 2013 at 11:24 AM, Lisa Kachold wrote: >>> >>>> Anything good happening with the InstallFest tomorrow? >>>> >>>> Can I come and "test" your systems with Metasploit ? >>>> >>>> -- >>>> >>>> (503) 754-4452 Android >>>> (623) 239-3392 Skype >>>> (623) 688-3392 Google Voice >>>> ** >>>> it-clowns.com >>>> Chief Clown >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> --------------------------------------------------- >>>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org >>>> To subscribe, unsubscribe, or to change your mail settings: >>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss >>>> >>> >>> >>> >>> -- >>> Dazed_75 a.k.a. Larry >>> >>> Please protect my address like I protect yours. When sending messages to >>> multiple recipients, use the BCC: (Blind carbon copy). Remove addresses >>> from a forwarded message body before clicking Send. >>> >>> --------------------------------------------------- >>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org >>> To subscribe, unsubscribe, or to change your mail settings: >>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss >>> >> >> >> >> -- >> >> (503) 754-4452 Android >> (623) 239-3392 Skype >> (623) 688-3392 Google Voice >> ** >> it-clowns.com >> Chief Clown >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> --------------------------------------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.phxlinux.org/mailman/listinfo/plug-discuss >> > > > > -- > Dazed_75 a.k.a. Larry > > Please protect my address like I protect yours. When sending messages to > multiple recipients, use the BCC: (Blind carbon copy). Remove addresses > from a forwarded message body before clicking Send. > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > http://lists.phxlinux.org/mailman/listinfo/plug-discuss > -- (503) 754-4452 Android (623) 239-3392 Skype (623) 688-3392 Google Voice ** it-clowns.com Chief Clown