Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] Remote Desktop Command Fixation Attacks

from [Pete Simpson] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] Remote Desktop Command Fixation Attacks
Date: Fri, 12 Oct 2007 09:25:06 +0100 
Defence in depth is in question? After more than 20 years in compsec,
the fallacy of the argument that defence in depth is dead is ironic.
D.I.D. means that if defence A fails, B comes in. If B fails C comes in
then D. etc. Though pdp is a very inventive youngster, it takes a few
grey hairs to master security.

Or perhaps we in the 'old scool' are deluded.

Rgds

Pete

CUSTOMER TESTIMONIAL OF THE WEEK
----------------------------------------------------------------
Claudely Penchiari, IT Manager, Comgas:
"We selected MIMEsweeper because of its policy-based content security, advanced 
threat and remote management and its ability to integrate with virtually any 
third-party anti-virus tool"
----------------------------------------------------------------
Clearswift monitors, controls and protects all its messaging traffic in 
compliance with its corporate email policy using Clearswift products.
Find out more about Clearswift, its solutions and services at 
http://www.clearswift.com

This communication is confidential and may contain privileged information 
intended solely for the named addressee(s). It may not be used or disclosed 
except for the purpose for which it has been sent. If you are not the intended 
recipient, you must not copy, distribute or take any action in reliance on it. 
Unless expressly stated, opinions in this message are those of the individual 
sender and not of Clearswift. If you have received this communication in error, 
please notify Clearswift by emailing support@clearswift.com quoting the sender 
and delete the message and any attached documents. Clearswift accepts no 
liability or responsibility for any onward transmission or use of emails and 
attachments having left the Clearswift domain.

This footnote confirms that this email message has been swept by MIMEsweeper 
for Content Security threats, including computer viruses.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-disclosure] Technology and your Security Program, Kelly Robinson
Next by Date:  Re: [Full-disclosure] rPSA-2007-0212-1 util-linux, yearsilent
Previous by Thread:  Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, Xo Plague
Next by Thread:  Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, Jim Harrison
Indexes:  [Date] [Thread] [Top] [All Lists]