I have a question about the feasibility of exploiting the openssl -- predictable random number generator found in Debian.

I know it's a very dangerous vulnerability, but if a system vulnerable with it, but no keys were generated on that system, and there is no way for anyone to sniff the traffic between this server and clients, brute force will not work because three bad logins and the IP is banned indefinitely(unless it was reset manually) how an attacker will be able to attack the system?

Thx

Thank you Ketchup! I don't think I will go this route.

What I'm thinking of is something simple and legal. For example, set a web page on a dedicated server, can the user use some social engineering then send an email and wait and watch may take an hour or so, then remove the page.

But I'm not sure if this can be consider a good practice or not.

Yes, I use v 4.76

I don't know timmedin but with me its not.

Thank you for the advise guys!

Would you recommend having a dedicated hosting with a hosting company, that one can secure then use for carrying out such tests, of course one needs to be careful that no one else will use it etc?

Hello,

I would like to ask those who carried out pen tests where client-side exploits were allowed in the rules of engagement. Now you are going to place the exploit on a web server so the victim/client will access it and you will get for example a shell to their machines. What is the best location for this web server that will help you avoid any legal issues?

Thx

Thank you xXxKrisxXx, -A is equivalent to -O + -sV so I guess the method should be the same.

Hello everyone,

I did a nmap scan to a webserver using the following:

#nmap -A 10.10.1.1

The result was

PORT    STATE  SERVICE      VERSION
80/tcp  open   http?

Then I did another scan but this time specifying the port

#nmap -sV 10.10.1.1 -p 80

The result was

PORT   STATE SERVICE VERSION
80/tcp open  http    Microsoft IIS webserver 6.0

So I wonder why nmap was unable to find the version using -A while -sV showed correctly?

Did anyone came across something like that?

Thx

Thank you Seth for the link.

I was waiting for a while for an OnDemand version of the course, can we expected to be out in March/April 2009?

Thanks a lot guys, very helpful tips indeed. I started making my own index, which I think is a very good idea in the preparation for the exam.

Thank you so much geekyone, BillV, and vijay2 that helps.

BillV, vijay2, do you guys think if you passed the practice you will pass the actual test too?

vijay2, I'm preparing for taking the exam you passed short while ago, the GPEH. It will be my first GIAC exam.

I would like to ask those who took GIAC certificate exams, about the difference between the practice exams and the real exam? I know the practice exam will prepare you for the real exam and give you a chance to see the areas you need to work on, but can one expect to see some questions in the real exam already she/he saw in the practice exam? Is there a big difference between the two? If one passed both practice exams what are the chances she/he will pass the real exam?

Thank you,

-D

Thank you vijay2 for the links, much appreciate it.

Hello,

I although I registered to this webcast, I couldn't make it on time. Is the archive available?

Thx