I still can't telnet in. Too bad cause i think i have a solution for the level 10 password!

Personally,  i feel that some focus on securing printers should be made. They may not be as critical as windows servers, but any compromise on your network could lead to other attacks. Also if for some unknown reason they can serve up files via ftp or http to the the outside, you could get the into the same sort of liability (or perhaps negative publicity) issues as if you left an ftp or http site unsecured. One may argue that the fact they have hard drives,  are running ftp servers and http servers they should be treated as servers... If it qucks like a duck..

Multifunction printers  that plug into your phone line and the network should be a major concern.  The HP line obviously use a modem PCMICA card. The vendor claims that callers can't establish a modem connection via the phone line and then access your LAN. However i  have seen securelogix (voice firewall/IDS) reports that show modem energy on fax lines attached to MFPs. The SecureLogix application is technically smart enough to tell the deference between modem "energy" and fax calls.. Sure these cases may be false positives.. BUT the possibility of LAN access via the fax modem cards does exist, at least in my paranoid mind.

damn, i can't download the level 6 file... anyone able to get it, the web services seem to be down.. unless this is part of the challenge..

thanks Don, that's great!

Thanks, I'm sold.
makes me wonder what other cool magazines i may be missing out on.
Besides this mag, 2600 and the "Information Security Magazine".. are there other security magazines I should consider subscribing to?

Hello all,
Like most people on this site, I’m very interested in pursuing a career in information security. I have about 10 years of solid IT experience focusing mostly on telecom. I’ve had some exposure to information security in enterprise environments.

My interest in technology goes back to my early childhood (20 years now). I'm definitely obsessed with technology particularly security and insecurity.

While I build my education and obtain some more certs I was thinking of starting my own security business on the side. Focusing on small business who can't neassarly afford to hire KPMG or PWC to audit their systems and help improve security.

Has anyone here gone down this road? Any advice? I know that I need to see a lawyer to come up with some sort of template legal agreement. I should probably look at insurance as well.

Anyone subscribe to Hackin9 http://en.hakin9.org/ ?
Sounds like a very interesting print magazine based out of the EU.. I'm thinking about subscribing but I’m worried that they might be fly be night... close shop after  a couple of issues.

I see that you can challenge the exam for $800. Can anyone recommend reading material that may help pass the exam?

Have you guys taken a look at this document that max moser wrote titled
Busting the bluetooth myth ?
http://www.remote-exploit.org/research/busting_bluetooth_myth.pdf

Has anyone seen or heard of real proof that this method works?

BTW I am not condoning piracy in any shape or forum..

I'm going! I've wanted to guy since defcon2.. This is my year though.. Time off, airfare and hotel booked.


Hi BTW, I'm new But would be interested in meeting up with others from EH net.

I read this review and was very interested.. However I was pretty disappointed to see the price tag.. 2k USD for the course and $400 for the test? Is that really the cost? Please tell me that I missed something