Post your URL's and I will prove you wrong Stephen?

Are you an adept Apache/Mysql admin? Do you know the ins and outs of Tomcat or Weblogic?  Do you understand file security and shell escapes as used for low level linux calls?  Can you ensure your DocumentRoot is properly protected?

Did you install Mysql to be open to your localhost?  localhost packet spoofing is trivial to Metasploit.....

Are you certain that every single binary on your system has been patched or is not vulnerable to buffer overflow, or other types of exploits?

Do you run iptables on each of your systems?

Of course you might just run Nexpose Community Edition on your systems yourself?


On Fri, Feb 18, 2011 at 4:56 PM, Stephen <cryptworks@gmail.com> wrote:
http://arstechnica.com/tech-policy/news/2011/02/anonymous-speaks-the-inside-story-of-the-hbgary-hack.ars

I'm not a particularly experienced Linux admin, but most of these
would never have happened on my servers. and i know i would have had
them tested before i slept well at night. sheesh....

maybe if anyone is looking you can submit some resumes? :-)

--
A mouse trap, placed on top of your alarm clock, will prevent you from
rolling over and going back to sleep after you hit the snooze button.

Stephen
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss



--
(503) 754-4452
(623) 688-3392

Next PLUG Security Team Saturday Noon - 15:00 Gangplankhq.com http://plug.phoenix.az.us


 http://www.obnosis.com
Catch My MetaSploit & IP CAM Surveillance
Presentations @ ABLEConf.com in April!