[SATLUG] Security Issues

Christopher Lemire christopher.lemire at gmail.com
Mon Jun 16 22:14:15 CDT 2014


On Mon, May 26, 2014 at 8:44 PM, Alex Bartonek <bartonekdragracing at yahoo.com
<javascript:_e(%7B%7D,'cvml','bartonekdragracing at yahoo.com');>> wrote:

> I dont have that problem.  :-)
>
> Pretty amazing that there are hits on that file and I'm sure this is
> nothing new, maybe new to this list.
>
> --------------------------------------------
> On Mon, 5/26/14, Christopher Lemire <christopher.lemire at gmail.com
> <javascript:_e(%7B%7D,'cvml','christopher.lemire at gmail.com');>> wrote:
>
>  Subject: [SATLUG] Re: Security Issues
>  To: "The San Antonio Texas Linux User Group Mailing List" <
> satlug at satlug.org <javascript:_e(%7B%7D,'cvml','satlug at satlug.org');>>
>  Date: Monday, May 26, 2014, 7:59 PM
>
>  Here is another. It's only been
>  tested with Google. I don't promote using
>  this knowledge for bad intent or purposes.
>
>  ?intitle:index.of?”.mysql_history
>
>  Christopher Lemire
>
>
>  On Mon, May 26, 2014 at 7:56 PM, Christopher Lemire <
>  christopher.lemire at gmail.com
> <javascript:_e(%7B%7D,'cvml','christopher.lemire at gmail.com');>>
>  wrote:
>
>  > I don't promote or condone use of information for bad
>  intent and purposes.
>  > As a person who is interested in Software Development
>  and Linux Systems
>  > Administration, I've looked at ways people can use what
>  somebody such as
>  > myself could leave a hole in security either through
>  mistake or just
>  > programing without security in mind or knowledge of
>  such attacks even
>  > existing.
>  >
>  > Again, I don't condone using this for bad intent, but
>  this I'd like to
>  > make people more aware of what they are doing that
>  results in these.
>  >
>  > Simply putting this into google can bring up quite a
>  bit or even through
>  > means of another search engine.
>  >
>  > ?intitle:index.of?”.cookies.txt
>  >
>  > You will notice some backups of cookies used by cookie
>  manager+ firefox
>  > extension
>  >
>  >
>  >
> http://www.naturesstrength.com/silas/hbbenefitsquote/database/hbbenefitsquote-2007-08-07.sql
>  >
>  > http://www.naturesstrength.com/silas/hbbenefitsquote/.my.cnf
>  >
>  > Feel free to notify these people of what they've made
>  publicly available
>  > through webcrawling bots google's yahoo's msn's etc.
>  available as well as
>  > it not being a good idea to put other bad security
>  practices into place as
>  > you like.
>  >
>  > Christopher Lemire
>  >
>  --
>

As security has become a larger concern, my intent was only to see if
anyone was interested in a presentation on security practices that could
help system administrators and developers follow better security practices
that would be able to prevent a large majority of the attacks. And the
presentation wouldn't be used on any networks that could jeopardize the
security of any networks, more as a demo with such things as metasploitable
being ran on a virtualbox local-only network.

Anyone interested?

Christopher Lenire



-- 
Christopher Lemire <christopher.lemire at gmail.com>
Fedora 64 bit Linux Raid Level 0

Gnu Privacy Guard Key Fingerprint = 32CA 0B0B 8A07 6969 7581 BD47 6053 3930
1D4B DC3E

Web: http://linuxinnovations.blogspot.com
Code: https://github.com/BullShark/JSpeak


More information about the SATLUG mailing list