LIGATT Security International Products and Services

The following table lists products and services available from LIGATT Security International (LSI) or associated companies owned / managed by Gregory D. Evans. The column labeled "Perception of Value" is strictly the perception as seen by Attrition.org staff, several of whom have been working in the computer security industry in a professional capacity for almost 15 years (well before Evans began).


Company Product Perception of Value
LIGATT Hacker for Hire (Service) Description reads as a couple of computer security types sitting in a room waiting for a call, e-mail or instant message. They will offer general advice on computer security, but will fail to meet several tasks on the list they offer. Help locate a stolen computer: only if their software is pre-loaded. Identify spyware and where it originated from: identify with 3rd party software, the odds of locating where it originated from are slim. Assure your wireless network is secure: strictly based on telling you how to configure it, not by actually testing it. Remove viruses or worms: generally accepted that the only way to truly get rid of most current malware is to fully reinstall the operating system. Help locate these cyber predators: not without extensive work, physical access to the network and a lot of dedication if there is a chance they could pull this off.

Summary: This service is the equivalent of asking the smart kid next door to set up your computer. He can do that, but he can't write software, setup a Solaris system or explain the difference between WEP and Ad Hoc.
LIGATT BoobyTrap (Service) "Boobytrapped" e-mail to identify the IP of the person reading it requires several things; that the e-mail client is configured to load 3rd party hosted images, the person reads the mail, the person uses an IP that can be tied to a physical address, and more. While many clients will load the image, a person who compromised your mail account may not read your mail. More to the point, a majority of IP addresses can only be tracked to a city unless the ISP cooperates and gives up information (they won't without a subpoena). Claims of the boobytrapped mail allowing you to take pics with their webcam are silly. That requires them to install whatever malware LIGATT sends to them: not very likely.

Summary: The idea of boobytrapped e-mail is extremely old and unreliable at best.
LIGATT Cyber P.I. (Product / Service) This application is just a method to communicate with the security geeks in the back room of LIGATT. See the 'Hacker for Hire' service listed above. This application could be written by a proficient coder in roughly two hours.

Summary: If you need help encrypting your "must" important data while not getting advice with "bios" in their recommendation, I am certain that this is something only LIGATT can offer.
LIGATT LocatePC (Product) The features of this software strongly mimic those of the old "remote administration program" called Back Orifice. However, LocatePC relies heavily on a single thing to happen in the case of a stolen laptop: that the bad guy boot it up and connect to a public network. Since most laptop thefts occur for quick financial gain, and most criminals want to remove trace of original ownership, the operating system gets re-installed. Even if the software is used successfully, there is a questionable legal foundation related to its use. Laptop recovery software is also a dime a dozen, many of them free.

Summary: Being proactive and more careful with your laptop offers a considerably higher value than LocatePC does.
LIGATT Portsnitch (Product) This is LIGATT's home-grown port scanner, that boldly claims to be more powerful and more accurate than any others on the market. After working past their misuse and mingling of technical terms, ask any security professional in the world outside of their company what the defacto port scanner of choice is, and ask the price. Comparing Portsnitch to "vulnerability" scanners and claiming they can't check all ports is asinine and demonstrates LIGATT fails at using any modern vulnerability scanner. Worse, LIGATT endorses illegal activity by suggesting you use unsecured wireless networks in public locations.

Summary: Hundreds of port scanners have quickly come and gone.. for a good reason.
LIGATT IPSnitch (Product) Another name and spin on their 'Boobytrap' service (see above), with more misuse and mingling of technical terms. The ability to spoof email can be done without any special programs if you read any decade-old computer security book or use a flexible e-mail client, even some 20 years old.

Summary: Using my regular e-mail client, I can spoof e-mail too.
LIGATT Tattletell (Product) An entire product that uses 'ping' and 'whois' essentially, to tell you if a computer is online. Because apparently, these tools are out of the realm of FBI agents that gave Evans the idea for this software. Of course, it relies on the remote computer answering to ICMP requests and will rarely give you information beyond a state or city, but close enough for government work! Obtaining a "fingerprint of the computer" would require the user's interaction in some fashion. Unless LIGATT believes that millions of people have the same fingerprint.

Summary: Relying on pinging a remote host to determine if it is online is a lesson in futility.
LIGATT RECON (Service) Managed port scanning service that alerts you if a port open up that wasn't there before! The mixed use of portscan with vulnerability scan calls into question what they really do, and which vulnerability scanner they use to do it. The value of this service then rests on how often they perform a scan, the extent of the scan and the collective vulnerability knowledge of LIGATT staff.

Summary: Without these details available, it is impossible to say if this service is any better than cron, Nessus and a 'diff' type script.
LIGATT PC211 (Service) Another version of RECON and Hacker for Hire? Worse, it seems to require another LIGATT product (Portsnitch) to feed it information? Any penetration testing solution that requires that information from another product is broken from the start, hardly "full-fledged". The lack of warning about exploiting vulnerabilities as relates to system stability, scheduling scan times and establishing what exploitation entails should send you running away fast.

Summary: Without more details, it is impossible to say if this service is any better than Metasploit.
LIGATT Hacker in 15 Minutes (Product) This set of e-books and accompanying class is 'free', but requires you spend $75 on the LIGATT applications demonstrated in the class. If this class is anything like their "Hacker in 15 Minutes" Twitter campaign, then you can rest assured that purchasing a single book will teach you everything Evans would, and more!

Summary: Based on LIGATT's history, this course will likely be plagiarized. Perhaps you could barter spelling and grammar lessons for the e-books.
LIGATT / SPOOFEM.com SPOOFEM SPOOFEM is a service that lets you spoof caller ID information by using LIGATT as a bridge between you and the other party. Moving past the potential illegality of caller ID spoofing, the value of such a service is immediately suspect as the uses are relatively limited. Claims that the call is untraceable rely on the other party not having certain business-class phone services (e.g., an 800 number, ANI, phone company employee, law enforcement, etc). The mix of "untraceable e-mail" as relates to SPOOFEM is baffling, unless the mail is sent through a proxy that they guarantee scrubs the data (making them potentially liable if they run such a proxy).

Summary: Great fun for pranks on friends and other limited scenarios.
LIGATT SPOOFNET A proxy server, advertised for personal use to "bypass company firewalls". This isn't exactly the agenda of most security companies, especially ones that advertise their service of monitoring employees (see Hacker for Hire). The "Business Use" says SPOOFNET is like NAT, but fails to offer a valid reason to use it over NAT. The only "compelling" reason they offer is that the thousands of other proxy servers on the market "cannot be trusted".

Summary: A run-of-the-mill proxy server from a company that can't be trusted.



Other notes:


main page ATTRITION feedback