Re: [Full-Disclosure] Lets discuss, Firewalls...

From: Michael Scheidell (scheidell_at_secnap.net)
Date: 08/30/03

  • Next message: Redaktion-Kryptocrew: "Re[2]: [Full-Disclosure] Selfmade worms in the wild ;)" 
    To: "Mike @ Suzzal.net" <mike@suzzal.net>
Date: Sat, 30 Aug 2003 09:11:06 -0400 (EDT)

    > Admin password is blank.
    > > All IPC$ shares are there.
    > I can surf the web from the box so it is fine.

    security industry has a saying: crunchy on the outside, chewey on the
    inside.

    EASY to get inside your computer with your help.
    Once done, you are 0wn8d.

    you can hit a malishious web site and automaticly start running active x
    controls.

    you can receive a 'day0' virus that runs on your computer.

    you can get a call from the FBI (like 19 others did last week, and 318 did
    on September 13th, 2001) saying that they suspect that either you are a
    hacker or terrorist, or your computer has been taken over by a hacker or
    terrorist

    you can have all your data wiped out, owned, cookies taken (where pin
    numbers, passwords and bank accounts might be)

    you can have spyware loaded that will keep track of all of your
    keystrokes, including pin numbers, passwords and bank accounts.

    you can get your isp to cut you off due to activity that you didn't even
    see happening.

    > If you serve NO applications from the inside of your network (no publicly
    > accessible web server, email server, ftp server etc...), and you have a NAT
    > router so your addressing on the inside or your home or business is private
    > (i.e. 192.168.0.x, 10.10.10.x, 172.16.1.x)

    those 20 systems that were to SERVE UP the sobig.F upgrade were running on
    programs, no servers (except that which the hacker put on)
    >
    > Do you still need a firewall? Why?

    you need more than a firewall.

    says top 7 mistakes users make, #4 (i think) is:
    Relying primarly on a firewall.

    You need to practice 'save hex' in all that that means. 

    -- 
Michael Scheidell, CEO
SECNAP Network Security, LLC 
Sales: 866-SECNAPNET / (1-866-732-6276)
Main: 561-368-9561 / www.secnap.net
Looking for a career in Internet security?
http://www.secnap.net/employment/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
  • Next message: Redaktion-Kryptocrew: "Re[2]: [Full-Disclosure] Selfmade worms in the wild ;)"

    Relevant Pages

    • Re: Event Security
      ... The firewall logs are the first place to look. ... firewall and windows system [ideally using an internet NTP server] and try ... If the user is using IIS to try the passwords, ...
      (microsoft.public.win2000.security)
    • Re: no network access from workstations
      ... group on that computer is what you expect and change any administrator passwords ... being sure new passwords are complex. ... using weak passwords and no firewall or misconfigured firewall, ... > I have a Windows 2000 server in a peer to peer network. ...
      (microsoft.public.win2000.networking)
    • RE: VmWare and Pen-test Learning
      ... Setup a tftp server on your client machine. ... Use John the Ripper to crack the passwords. ... (dictionary attacks, brute force, single mode). ... Download FREE whitepaper on how a managed service can help ...
      (Pen-Test)
    • Re: getting rid of reset disc
      ... Assign all new passwords to all accounts and password protect your BIOS. ... Go through this list and secure your PC. ... using Windows XP "prettifications". ... You should at least turn on the built in firewall. ...
      (microsoft.public.windowsxp.security_admin)
    • Re: I THINK I HAVE A VIRUS MY ANTIVIRUS SCAN WONT EVEN RUN
      ... |> your computer online - meaning you likely have usernames and passwords ... |> Why you should use a computer firewall.. ... |> have to be the built-in Windows Firewall of Windows XP. ... |> The system restore feature is a new one - first appearing in Windows ...
      (microsoft.public.windowsxp.help_and_support)