|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
Re: pen-testing an information kiosk (breaking out of the application)
From: <alaric(at)alaricsecurity.com>
Date: Mon Apr 28 2003 - 22:34:13 EDT
('binary' encoding is not supported, stored as-is)
In-Reply-To: <20030423091601.25852.qmail@www.securityfocus.com>
Did you know that you have VNC running on your network? Your hacker does.
Plug your security holes.
Download a free 15-day trial of VAM:
http://www.securityfocus.com/StillSecure-pen-test
Received on Tue Apr 29 11:03:59 2003
Date: Mon Apr 28 2003 - 22:34:13 EDT
('binary' encoding is not supported, stored as-is)
In-Reply-To: <20030423091601.25852.qmail@www.securityfocus.com>
Hi,
Building off what Mark Reardon has already posted, you should also consider the physical security of the kiosk (e.g. weak locks and visible cables).
Another thing to remember is that passwords of these types of systems are trivial. If you start browsing past issues of 2600 you will find plenty of articles detailing store computers (One that comes to mind is how someone broke restriction controls on a Compaq computer on display at Radio Shack). I hope I was of help.
Later,
Alaric
Did you know that you have VNC running on your network? Your hacker does.
Plug your security holes.
Download a free 15-day trial of VAM:
http://www.securityfocus.com/StillSecure-pen-test
Received on Tue Apr 29 11:03:59 2003
This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:35 EDT
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |