[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] RE: DANGER!! etc.
- Subject: [cobalt-security] RE: DANGER!! etc.
- From: "Michael J. Cannon" <mcannon@xxxxxxxxxxxxxx>
- Date: Fri, 10 Aug 2001 00:43:16 -0500
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
RE: I read the sniff part, There's lots of tools for that. I don't see
where it says decrypt.
First, given the DMCA, Dima Sklyarov, the current frenzy and damage cause by
blackhats, etc. it would be rather stupid of Alor and Marco to clearly post
"here's the decrypt string!" or "Crack SSL data streams for fun and
profit!" This is a toolbox just as a rootkit is. Read on...the authors
have a rather interesting set of technical documents linked in the page.
I'll bet it'll only take you about 5 minutes to find out how to use this
tool to c*apfilter, MIM and run the ARP *oisoning features of this lovely
little monkey wrench and then how to break and fish an SSH1 session...with a
little more research, you'll be well on your way to black hat heaven.
Seriously, the value of a tool like this is for a community such as this
(besides knowing they exist - the point of my post) is to be able to use it
(obviously in your own network only and in legal ways only) to find out how
the bad guys operate and thereby better prepare yourself.
As Curtis said, there are a lot of tools like this. However, there are very
few people like Alor and Marco who surface these tools and provide a point
of contact for us to observe and collect information on how the bad guys
operate. Just a thought. Use the opportunity (while it lasts) as you will.
Back to CR II (or is it VII?) and the POWER bots.
Michael J. Cannon
"Si vis pacem, para bellum."