Penetration Testing...from the inside...

[embro1001]

Yeah, I kinda had that one coming to me.

[Kez]

You wouldnt happen to mean

"How can I test the vulnerability of my network from EXTERNAL attacks, from the INSIDE?"

I'm assuming that's what you mean???

[The Grunt]

Why stereotype peaple as hackers? No offense but the whole thing is rather childish. To me calling yourself a hacker is like jumping up and saying "i'm a poke'mon master!"... why do peaple feel a need to call themselves something lol or become something just because they own a computer.

I never said sterotyping was good... I said don't MOST people as in the media, the common public, stereotype hackers as being between the age of 14 and about 20 sitting at a computer doing bad things in the middle of the night...

Sterotyping in general is VERY childish, I will certainly agree with you there...

[embro1001]

Originally posted here by Kez
You wouldnt happen to mean

"How can I test the vulnerability of my network from EXTERNAL attacks, from the INSIDE?"

I'm assuming that's what you mean???

You know what, Kez? I think you can get the general idea of what this thread is by reading it. Ignore the title. Make one up if you want. Just don't point it out this late in the game. And no, at this point (Parts 1 and 2), I am not really testing EXTERNAL attacks, since (so far) my explorations are in fact done to the INSIDE from the INSIDE. If you have any more questions or comments, please feel to post them.

[TheSpecialist]

Originally posted here by The Grunt
sitting at a computer doing bad things in the middle of the night...

Ugh im tired of this... not ethics agian. No one is perfect and if you need a stupid colored hat to show if your a "good or bad" person then everyone is in the gray. Oh and define what you mean by the common public and what do you have? Ehh... !!haha!!

And about age, I've already said how I think its stupid and pointless... being about a 30 or 40 something year old who calls him/her-self a "hacker"... thats just plain sad man.

[moxnix]

OMG....and I wear a red hat Now what in the world would that mean. Before I went to the red hat I was wearing a bright lime green one, that everyone else hated (but it was free and made for a lot of comments).
My favorite hat was a 'Corona' one. I wore that untill it was almost black with grease and dirt. Really hated confining that one to the trash bin.
And as far as labels go.....the only one that I will let anyone attach to me is 'Interested'.

[embro1001]

Originally posted here by moxnix
OMG....and I wear a red hat Now what in the world would that mean. Before I went to the red hat I was wearing a bright lime green one, that everyone else hated (but it was free and made for a lot of comments).
My favorite hat was a 'Corona' one. I wore that untill it was almost black with grease and dirt. Really hated confining that one to the trash bin.
And as far as labels go.....the only one that I will let anyone attach to me is 'Interested'.

LMAO!

[wildred]

I am really curious and in a way glad that your company that you work for has not fired you for snooping etc.
I know in my own experience, that I found several severe security holes at my previous job. When it came time to tell the "temps" (one being myself) that we were all being laid off, I was kindly informed that I knew too much about the company, and that I posed a possible security risk to the system/computers. I spoke with the tech guy, only to find out he was clueless as to what I was talking about as well as what to do to fix it. I left the job with the knowledge of the security flaw in my head. From what I hear from former coworkers, the flaws still exist.

[embro1001]

Originally posted here by wildred
I am really curious and in a way glad that your company that you work for has not fired you for snooping etc.
I know in my own experience, that I found several severe security holes at my previous job. When it came time to tell the "temps" (one being myself) that we were all being laid off, I was kindly informed that I knew too much about the company, and that I posed a possible security risk to the system/computers. I spoke with the tech guy, only to find out he was clueless as to what I was talking about as well as what to do to fix it. I left the job with the knowledge of the security flaw in my head. From what I hear from former coworkers, the flaws still exist.

I find it amazing how little some IT people actually know. This obviously does not apply to ALL by any means, but when it comes to small companies, and companies where the main drive is not technology and computer security, it seems that less experienced people have an easier time finding their way into the IT departments.

I don't mean to offend you sysadmins with this post, since those of you who read this know what catagory you fall into, and agree when I say that less experienced people can make your department look bad.

[TheSpecialist]

In those situations I normally just go out and buy a notebook and pen or just print out a large report of everything I find & how to fix it then I tape it up to some place large and noticeable like a door, someones's screen, or on someone's huge ass. I would leave without anyone seeing that I was even around. No labels or accusations needed... it might even scare the **** outta peaple and litterally force them to do something.

I also find in these types of things it helps when you don't say "I Could do this and that yada yada yada". No need to do cartwheels around the office if you know what I mean.