Professional Documents
Culture Documents
Brian Martin has been involved in computers since the early 80's. His
experience spans from first generation home computers to large scale
servers powering the most current business applications today. Working in
the computer security industry for the past five years, he has provided
security audit and penetration assessment for foreign banks, Fortune 500
companies, Department of Defense and more. He has provided training and
consultation for the Federal Bureau of Investigations, Defense Criminal
Investigative Services, and the National Security Agency. In recent
months, Brian's articles focusing on security issues have been widely
circulated on the Internet, corporate newsletters, and print magazines.
Unix:
– Remote buffer overflows
– Sniffer / trusted path attacks
– Poorly-coded CGI’s
Windows NT:
– RDS / MSADC
– IISHack
– MS Front Page misconfigurations
– Other misc. CGI/Web exploits
80 – 90%
– Friendly, appreciative, asking us for help,
thanking for notification
10 – 20%
– Hostile responses, threats, insults, blame us
CERT
– Recent addition. CERT originally asked to be
removed from notification utility
– When challenged on why they exist in the first
place, they agreed to receive notifications
NIPC
– Forwarded notifications on to “the appropriate
people” approximately 20% of the time – some
replies state they do not fall under infrastructure
threats
– No response for other 80% of notifications
Obvious signs
– signatures (graphics or text)
Broken Image
– pathed to local drive where HTML was created - few
geniuses pathed to c:\microsoft\office\john\doe\ or
similar paths that included their real name
Meta tags
– Generators, meta names, and more
Greets, misspellings, language, more
Yellow: NT, White: Linux, Orange: BSD, Green: Solaris, Purple: All Other
Yellow: NT, Green: Solaris, White: Linux, Orange: BSD, Purple: All Other
Statistics / Graphs
http://www.attrition.org/mirror/attrition/stats.html
• Brian Martin
jericho@attrition.org
• Matt Dickerson
munge@attrition.org
• Dale Coddington
punkis@attrition.org