RE: Taking control of ones machine
From: Damien Adams (dadams@scientech.com)Date: 12/20/01
- Previous message: Bill Mote: "RE: question regarding SAM file / l0phtcrack / pwdump2"
- In reply to: Steven Bonici: "Taking control of ones machine"
- Next in thread: Brian Lucas: "RE: Taking control of ones machine"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Damien Adams" <dadams@scientech.com> To: "Steven Bonici" <sbonici@groupea.com>, <focus-ms@securityfocus.com> Date: Thu, 20 Dec 2001 16:07:24 -0500
Steve,
Anyone that would download a file and execute it without knowing exactly
what it is or what it does is vulnerable. Most operating systems (Windows
XP excluded) don't come with a way to remotely control the PC remotely
without installing additional software. As you have stated in your
experience, you had to download a file and install it. So that makes you
the enabler, not the original software. Most remote control software
packages open a port on the system to be controlled that listens for
commands from a system that will be doing the controlling. Usually the
software that is listening on this port will only accept certain commands
sent to it. They use various types of authentication. I would be quite
wary of letting anyone have remote access to one of my servers. Has this
software vendor told you why they want this access? How do they propose to
make the connection a secure one? Hope this info helps.
Damien
-----Original Message-----
From: Steven Bonici [mailto:sbonici@groupea.com]
Sent: Thursday, December 20, 2001 3:25 PM
To: 'focus-ms@securityfocus.com'
Subject: Taking control of ones machine
You have to forgive me with the following questions, as I am not sure if
this is the right group.
We have been asked by one of our software vendors to allow them to use WebEx
to take control of one of our servers. They explained to me that all I need
to do is to install a "plug-in" and they can take control of the server
through a web browser. We staged a test with a test server, and they came
right in and took control. Isn't way too easy?
I haven't contacted them yet, I thought I would ask here first. Is there
any documentation or white papers into how this actually works and what can
be done to protect the machine? Does anyone have any insight into WebEx? I
am really curious as to how easy this is. I know once you go to the WebEx
web site you need to agree and "allow" someone to actually connect, but it
just seems way too easy.
I know that websites can grab information from your browser, but again I
would love to know "how" and all this seems to be connected in some way. I
downloaded a copy of "pcaudit.exe" (by Internet Security Alliance), and that
just goes to prove how vulnerable one is.
Any information would be greatly appreciated.
Thanks - Steven
- Previous message: Bill Mote: "RE: question regarding SAM file / l0phtcrack / pwdump2"
- In reply to: Steven Bonici: "Taking control of ones machine"
- Next in thread: Brian Lucas: "RE: Taking control of ones machine"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
