Comments on TaoSecurity Blog: Training an IDS
Richard Bejtlich
Updated: 2023-10-16T06:06:25.012-04:00

Richard Bejtlich, 2007-04-14T08:41:00.000-04:00:

Anybody acting like they did would be apprehended and questioned.

Bunda Pakistani, 2007-04-14T04:47:00.000-04:00:

"We were watching the airplanes," Ms. Al-Homsi said. "That's not a crime, unless you're Muslim."

Anonymous, 2007-04-12T11:40:00.000-04:00:

Couple weeks ago one of our pen-testers was doing work for a client that happens to be a large utility company.

His probes were getting completely dropped by the front-line IDS. He was about to give up and write the report.

Then he had a bit of inspiration. He had found out they hosted their own web sites. So he started surfing the site, signed up for an account on one of their services, and then relaunched his probes.

The probes got through this time, and he was able to aggressively scan the front-line and DMZ hosts. Recursion was enabled on their DNS so he was able to probe way into their internal structure as well.

The worst finding was that they were depending on Secure Works for realtime monitoring and alerting. After he began looking like a real customer, Secure Works didn't note anything and the utility's security manager never received an alert.

Ayisha, 2007-04-12T00:09:00.000-04:00:

This comment has been removed by a blog administrator.