[plug] Security, Social Engineering, Etc

Jeremy Malcolm Jeremy at Malcolm.wattle.id.au
Thu Mar 2 22:03:16 WST 2000


-----BEGIN PGP SIGNED MESSAGE-----

> Getting back to the original point which was me suggesting to Jeremy
> that most of the people who were likely to compromise his security
would
> not be people he knows, i.e. they would be strangers off the
Internet. 
> I base this on a) my own experience (and thus the view that I hold,
> which has now be extremely comprehensively discussed!) and b) the
> indication that he gave he sees regular penetration attempts on his
> network from remote sites on the Internet.  I notice that, so far,
he
> hasn't disagreed with me on this so I suspect that my original point
is
> probably still correct.

Yes I agree with you, no question about it.  I don't have enough
enemies for the reverse to be true. :-)  But I was that I was
proposing a specific "battle of the hackers" between myself and
someone else, where the kind of techniques I mentioned (how on earth
did they come up with the name "social engineering", by the way?)
would be likely to give me an edge over your common-or-garden skript
kiddie who would be stopped in his tracks pretty soon by an ordinary
well-secured system.  When you are faced with a system that has a
moderately clueful admin and that has been apt-getted from
security.debian.org, you need to be a little creative in order to get
anywhere fast.

- -- 
JEREMY MALCOLM Jeremy at Malcolm.wattle.id.au http://malcolm.wattle.id.au
SIG of the day: [ ] Contact  [x] Web  [ ] PGP  [ ] Taglines #1  [ ] #2
Ibn Qirtaiba: [http://]sf.sig.au.mensa.org | WASCAL: www.wascal.asn.au
Macdonald Rudder: www.proctors.com.au | Australian Mensa: au.mensa.org
Terminus Network Services: www.terminus.net.au | *: backinthe.ussr.net
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.0.2i

iQB1AwUBOL39r7/mBljD2JABAQEg+QL+MS0cQCxVjBnwZCYmDtkvEYyS34iJ9+DB
kcMbUwi5QCaIVHsQRQuxroXpoCUdBdNruj9D9cHCal8aPd6FScXcHRbUkPHOT2zE
tw/OoAxoaHYmAaHcbi/Zw1WZQbAUxQV7
=jjZf
-----END PGP SIGNATURE-----




More information about the plug mailing list