HackFest Series Goes to PRESENTATION ONLY: SNORT Logs and Forensics from the Past 2 HackFests = NO TRUST
Lyle Tuttle
L.tuttle at cox.net
Mon Aug 31 13:45:30 MST 2009
At 01:28 PM 8/31/2009, AZ RUNE wrote:
>This is a sad day indeed
Dittos! What integrity we seem to have, huh?
There just weren't that many folks there to do this kind of
thing...and as a 'newbie', presentations are fine, but just not the
same as the real thing....
Seems to me like that's a fair amount of hacking for such a short
amount of time and people..........and didn't we each sign some
agreement at the last hackfest?
Was my system hacked? Good thing it is new, and nothing there, as I
had the Linux HD installed........
lyle
>>On Aug 31, 2009 11:10 AM, "Lisa Kachold"
>><<mailto:lisakachold at obnosis.com>lisakachold at obnosis.com> wrote:
>>
>>I finally got moved in after all the new townhouse repairs and have
>>sorted out and evaluated all the technical details from the past two
>>hackfests at the Foundation for Blind Children.
>>
>>I have found:
>>
>>1) Multiple successful exploits against my own equipment (4 prior
>>Hackfests starting from the first at UAT - 3 systems totally pwned).
>>2) Escalated access retention in the way of processes set in place to
>>retain access vi port 443 out to various local cox DHCP addresses on
>>two of my linux machines from the last Hackfest and from low level
>>exploits in a Vista system.
>>3) Access to harddrive on systems booted into USB or DVD Backtrack3/4
>>from various local and network users (2 builds accessed on my own
>>equipment historically).
>>
>>There is no way to protect a local shared network outside of TRUST.
>>Unless we can assign an IP address to each person who provides their
>>address, name, phone number and signs a legally binding agreement, we
>>cannot continue.
>>
>>If I cannot TRUST to keep my systems safe, we cannot continue to
>>endanger the networks of the Foundation for Blind Children by allowing
>>networking access with pentest tools.
>>
>>HackFests will continue in presentation only format. No networks, no
>>access to school machines with LiveCD's or USB keys will be allowed.
>>
>>If users would like to bring their systems and follow along that is
>>find, but no Wireless access will be available (a WEP2 key is
>>available via decrypt in BT4 in 11 minutes).
>>
>>We will continue to provide media to people wanting to burn a DVD for
>>any linux security tool.
>>
>>--
>><http://linuxgazette.net/165/kachold.html>http://linuxgazette.net/165/kachold.html
>>(623)239-3392
>>(503)754-4452 www.obnosis.com
>>---------------------------------------------------
>>PLUG-discuss mailing list -
>><mailto:PLUG-discuss at lists.plug.phoenix.az.us>PLUG-discuss at lists.plug.phoenix.az.us
>>To subscribe, unsubscribe, or to change your mail settings:
>><http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>---------------------------------------------------
>PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
>To subscribe, unsubscribe, or to change your mail settings:
>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20090831/8f0f9fb7/attachment.htm
More information about the PLUG-discuss
mailing list