With the right tools, you can easily find these lapses in your systems and address them. If you found those hosts on your network, you would probably shut them down in no time. We've found assorted open systems (and I don't mean that in a nice "open source" sort of way) and a few print servers without passwords. Once we took over a security camera and found a guy who had access to a shared directory that really shouldn't have been shared (yipes!). It is always a blast to start playing on the show network with vulnerability scanners, interceptors and redirectors, packet generators and forensic tools. This was the third year I'd presented this course at BrainShare and I admit-it is my favorite course to teach! Essentially, we throw out the slide presentation (my apologies to the graphic design team) and we start working live on the network. I must admit, my heart skips a beat or two each BrainShare when I look out at the line of eager techies waiting to scan their badges, take their seats and watch the Hot Tools class. ![]() (Visit for more information.) Be certain you have permission from the owner of the target system (preferably in writing) before you perform password-integrity tests, port scans, vulnerability scans or any other communication that might be deemed intrusive. ![]() ![]() ![]() This article defines some of the tools which students use in the "White Hat Toolbox" hands-on course that tours around the United States and Europe in 2004.
0 Comments
Leave a Reply. |