Infosec’10 metadata (I)



Wops! A long time without writing here… A lot of work and not too much time to write. But I’m going to try to fix it shortly!

Two weeks ago was the Infosec event at London. Our company had a very nice stand and I spent a good time Wednesday talking with some people about what we do and, more specifically, what I do as application tester at Pentura. But I can not stop thinking about security in any moment…

Others companies in the event were giving some CDs with documentation and programs. As I know that sometimes people don’t take care about what they copy into the CDs when they make the copies so I took some of them to analyze  They had been burning in my backpack for two weeks!! But today, when I inserted the first one, it makes my day.

The CD is from (ISC)2 and they call it Green disc. They have a lot of docs I’ll analyze some point this week but I discovered something very funny. They are using WS_FTP. How I know it? They left the WS_FTP.LOG files in some of the folders. Take a look:

This file contains the local path of the file (you can get the user name), the remote path of the upload (you get the path) and the IP of the remote server (need I say more?) You can found a lot of WS_FTP.LOG files at Google or, if you got the CD from the (ISC)2, have a quick look to these files 


P.D. Maybe is not a (ISC)2 IP but still funny (and not very secure…), isn’t it?