Network Security: Detailed info on Re: [Full-disclosure] Remote Desktop Command Fixation Attacks

Subject:	Re: [Full-disclosure] Remote Desktop Command Fixation Attacks
Date:	Sun, 14 Oct 2007 15:12:59 -0400

Subject:

Re: [Full-disclosure] Remote Desktop Command Fixation Attacks

Date:

Sun, 14 Oct 2007 15:12:59 -0400

I guess there's some logic in spreading FUD about security in depth
not working. It might be a nice way to scare potential customers
who don't know much about security into whatever services
Gnucitizen team sells. However, these kind of tricks
simply won't work with any seasoned  security professional.
It'll actually backfire if you are not careful... because you
won't be taken seriously in the industry. I'm pretty sure
Pdp's rating in the books of many security professionals
went down quite a few notches :-) It's a small world...
and most likely it'll affect your and your company's
future... because you'll need to do business with
people like Thor (who gave a great and very logical
description with proper supporting examples of what
security in depth is and what's mean to do).
The chances are that they'll simply choose to work
with someone else... who betters understands the big
picture in security :-)

CQ

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, (continued) Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, Gautam R. Singh Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, gboyce Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, pdp (architect) Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, gboyce Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, Xo Plague Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, Pete Simpson Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, Jim Harrison Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, John C. A. Bambenek, CISSP Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, Thor (Hammer of God) Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, pdp (architect) Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, C Q <= Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, pdp (architect) Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, C Q Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, gjgowey Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, James (njan) Eaton-Lee

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Re: [Full-disclosure] full-disclosure@hushmail.com, phioust
Next by Date:	[Full-disclosure] Apache Tomcat Rem0Te FiLe DiscloSure ZeroDay (W3bd4v), kcope
Previous by Thread:	Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, pdp (architect)
Next by Thread:	Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, pdp (architect)
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Re: [Full-disclosure] full-disclosure@hushmail.com, phioust

Next by Date:

[Full-disclosure] Apache Tomcat Rem0Te FiLe DiscloSure ZeroDay (W3bd4v), kcope

Previous by Thread:

Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, pdp (architect)

Next by Thread:

Re: [Full-disclosure] Remote Desktop Command Fixation Attacks, pdp (architect)

Indexes:

[Date] [Thread] [Top] [All Lists]