[Noisebridge-discuss] Security group update
Josh Myer
josh at joshisanerd.com
Fri Nov 6 21:58:30 UTC 2009
Clearly, this needs an HDTV donated: http://xkcd.com/350/
One quick question, which will put a lot of our minds at ease: how are we
keeping this system from affecting/infecting the rest of the local network
and the internet at large?
On Fri, Nov 6, 2009 at 1:45 PM, aestetix aestetix <aestetix at gmail.com>wrote:
> Hey,
>
> The security group hasn't generated much discuss-list activity, but we've
> been working on a few things. Had a couple of lectures (I spoke on classical
> cryptography and cross site scripting, micah has given a few chats on
> networking security and xampp), and some other things.
>
> We now have a computer set up at 172.30.1.173 that is hosting a bunch of
> virtual machines. Some of them are CTF images, and a few others are very
> crappy insecure images (Like early versions of Windows XP), and last night I
> built an image that I installed apache, mysql, and a few other things on.
> The idea is that we can go through milw0rm and other sites, find exploit
> code, and test it out on a local system. Some people are interested in
> security but have never actually practiced it, and this is a great way to
> break the ice.
>
> The system currently has Joomla with a plugin or two that is known to be
> insecure. I'll be finding applicable exploit code and putting it on the
> system so people can see how it works. Ideally, we'll have a few dozen of
> these, so anyone who wants can log in, try their hand, and then look at the
> code to see how it works. It has a lot of the elements of HackThisSite, but
> with software that is actually running on a lot of servers.
>
> If anyone is interested in contributing to this, join the security list!
>
> aestetix
>
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>
>
--
Josh Myer 650.248.3796
josh at joshisanerd.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.noisebridge.net/pipermail/noisebridge-discuss/attachments/20091106/9e4e60bd/attachment-0003.html>
More information about the Noisebridge-discuss
mailing list