At 01:28 PM 8/31/2009, AZ RUNE wrote:
This is a sad day
indeed
Dittos! What integrity we seem to have, huh?
There just weren't that many folks there to do this kind of thing...and
as a 'newbie', presentations are fine, but just not the same as the real
thing....
Seems to me like that's a fair amount of hacking for such a short amount
of time and people..........and didn't we each sign some agreement at the
last hackfest?
Was my system hacked? Good thing it is new, and nothing there, as I
had the Linux HD installed........
lyle
On Aug 31, 2009
11:10 AM, "Lisa Kachold"
<lisakachold@obnosis.com
> wrote:
I finally got moved in after all the new townhouse repairs and have
sorted out and evaluated all the technical details from the past two
hackfests at the Foundation for Blind Children.
I have found:
1) Multiple successful exploits against my own equipment (4 prior
Hackfests starting from the first at UAT - 3 systems totally pwned).
2) Escalated access retention in the way of processes set in place
to
retain access vi port 443 out to various local cox DHCP addresses on
two of my linux machines from the last Hackfest and from low level
exploits in a Vista system.
3) Access to harddrive on systems booted into USB or DVD
Backtrack3/4
from various local and network users (2 builds accessed on my own
equipment historically).
There is no way to protect a local shared network outside of TRUST.
Unless we can assign an IP address to each person who provides their
address, name, phone number and signs a legally binding agreement,
we
cannot continue.
If I cannot TRUST to keep my systems safe, we cannot continue to
endanger the networks of the Foundation for Blind Children by
allowing
networking access with pentest tools.
HackFests will continue in presentation only format. No networks,
no
access to school machines with LiveCD's or USB keys will be
allowed.
If users would like to bring their systems and follow along that is
find, but no Wireless access will be available (a WEP2 key is
available via decrypt in BT4 in 11 minutes).
We will continue to provide media to people wanting to burn a DVD
for
any linux security tool.
--
http://linuxgazette.net/165/kachold.html
(623)239-3392
(503)754-4452
www.obnosis.com
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss