Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: New article on SecurityFocus

from [Navroz Shariff] Network Security [Permanent Link]
Subject: RE: New article on SecurityFocus
Date: Fri, 6 Jan 2006 10:23:16 -0500 
I definitely agree with Thor.

Everyone had made the WMF exploit more vulnerable in theory then in
practice. May be some IT staff are axious for something big to come
out...it adds excitement to life :-)

Don't worry...Rootkits such as the proof of concept 'Shadow Walker' will
soon arrive and add some spice to IT life.

-Nav

-----Original Message-----
From: Thor (Hammer of God) [mailto:thor@hammerofgod.com] 
Sent: Thursday, January 05, 2006 5:00 PM
To: Erin Carroll; pen-test@securityfocus.com
Cc: Larry Seltzer; focus-ms@securityfocus.com
Subject: Re: New article on SecurityFocus


A few hundred million Windows XP machines lay vulnerable on the Web 
today, a week after a zero-day exploit was discovered. Meanwhile, new 
approaches and ideas from the academic world - that focus exclusively 
on children - may give us hope for the future after all.

http://www.securityfocus.com/columnists/377


Sorry, but it's not going to happen.  Yes, it is a serious
vulnerability, but there will be no Armageddon here.  Comparing this to
the RPC vulnerability (which had worm potential) is specious.

Overall, I think community's coverage of wmf has been delivered with an
ounce of perception, and a pound of obscurity.  It's almost as if people
*want* it to be worse than it is.  I'm not surprised, of course.  But
regardless,  my call is that we'll see a little activity here and there,
the patch will come out, most will install it (or have it installed
automatically) and the whole issue will fade away.  But that's all.

We'll know for sure shortly, either way.

t

-----
"I may disapprove of what you say,
but I will defend to the death your
right to say it." 


------------------------------------------------------------------------
------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on
your website. Up to 75% of cyber attacks are launched on shopping carts,
forms, login pages, dynamic content etc. Firewalls, SSL and locked-down
servers are futile against web application hacking. Check your website
for vulnerabilities to SQL injection, Cross site scripting and other web
attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------
-------


---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: audit trails for file access, Scott Liebergen
Next by Date:  Re: New article on SecurityFocus, Drew Simonis
Previous by Thread:  RE: New article on SecurityFocus, Derick Anderson
Next by Thread:  Re: New article on SecurityFocus, Drew Simonis
Indexes:  [Date] [Thread] [Top] [All Lists]