Post your URL's and I will prove you wrong Stephen? Are you an adept Apache/Mysql admin? Do you know the ins and outs of Tomcat or Weblogic? Do you understand file security and shell escapes as used for low level linux calls? Can you ensure your DocumentRoot is properly protected? Did you install Mysql to be open to your localhost? localhost packet spoofing is trivial to Metasploit..... Are you certain that every single binary on your system has been patched or is not vulnerable to buffer overflow, or other types of exploits? Do you run iptables on each of your systems? Of course you might just run Nexpose Community Edition on your systems yourself? On Fri, Feb 18, 2011 at 4:56 PM, Stephen wrote: > > http://arstechnica.com/tech-policy/news/2011/02/anonymous-speaks-the-inside-story-of-the-hbgary-hack.ars > > I'm not a particularly experienced Linux admin, but most of these > would never have happened on my servers. and i know i would have had > them tested before i slept well at night. sheesh.... > > maybe if anyone is looking you can submit some resumes? :-) > > -- > A mouse trap, placed on top of your alarm clock, will prevent you from > rolling over and going back to sleep after you hit the snooze button. > > Stephen > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > -- (503) 754-4452 (623) 688-3392 Next PLUG Security Team Saturday Noon - 15:00 Gangplankhq.com http://plug.phoenix.az.us http://www.obnosis.com *Catch My MetaSploit & IP CAM Surveillance Presentations @ ABLEConf.com in April!*