21Nov2008 (UTC +8) On 11/21/08, joebert jacaba <[EMAIL PROTECTED]> wrote: [...] > Next meeting would be after Christmas. Right Drexx?
Right on dude :) Y'all pick up quick, and that's the company I'd like to hang out with! We'll do this PUOSU Con about once a month. Natawa nga ako sa iyo eh, tinamad kang mag cut-and-paste sa msfconsole, kaya ka nag-grep at msfcli... you threw everything at $TARGET in a span of a few seconds then just waited for a shell !!! Ha ha ha!!! Tapos, binato mo din ng "Kill Bill" kaya nag-reboot, at na-logout kaming lahat tuloy :D Body count? Jumbz's MS Windows 2003(?) Server and Domain Controller was penetrated by Sujiro, while everybody took down the pathetic MS Windows 2000 Server with IIS. Joebert and Philip remote-controlled MS Win XP SP2, and even had fun with me wrestling for control of the mouse pointer and keyboard strokes. Nagios (Linux based) remained standing, as well as OpenSolaris and Solaris 10 x86. Asteeg talaga. What's next? It was a great initial skirmish. And to think that's only an introduction for real infosec wargaming. Sujiro was chosen by the <shift>RAND of my scientific calculator to lead the next meet, sharing with us on how to 'sploit using w3af. I'll do support by talking about the innards of the HTTP and HTTPS protocol, as well as the OWASP Top 10. The next one will be Philip, and we'll go war-driving with aircrack, Google maps, net stumbler, and others we can think of. Joebert is lined up next to talk about msfcli and bash scripting, as well as the Metasploit autopwn feature. (Dude, isama mo na rin pala ang Nessus.) Jumbz, can you lecture about OSTMM (Open Source Testing and Methodology Manual)? We need to put some semblance of order after the initial excitement, and this is just the ticket for us. I'll support you by encouraging discussion on what code of ethics should we adopt --we'll borrow heavily from Philippine lawyers, CISSP people, from the Association of Certified Fraud Examiners, and definitely from ISACA. Drexx Laggui -- CISA, CISSP, CFE Associate, ISO27001 LA, CCSI, CSA http://www.laggui.com ( Singapore / Manila / California ) Computer forensics; Penetration testing; QMS & ISMS developers; K-Transfer PGP fingerprint = 6E62 A089 E3EA 1B93 BFB4 8363 FFEC 3976 FF31 8A4E _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
