Re: 'rooted' NT/2K boxen?

From: RMcElroy@mbe.com
Date: 05/02/02


To: H C <keydet89@yahoo.com>
From: RMcElroy@mbe.com
Date: Thu, 2 May 2002 14:01:01 -0700


Let me start by saying this: the meaning of "rooting" a box figuratively comes
from the Unix world but can be applied to any OS. Rooting an NT/2K box is the
same, but instead of a root account you obtain a system or Admin account. But
sysing and admining a box does not have a ring to it. Back to the subject: yes,
there are tons of NT/2K (Microsoft) boxes hacked and rooted every day. Try this
site to see some web hacks on 2K and NT: http://www.zone-h.org/ . The idea of
exploiting a box via misconfigured OS, software or poorly set security
configurations happens every day. There are rootkits, trojans and tools written
specifically for Microsoft OSes. After all, it is the most prevalent desktop
software on the market and most organizations are too scared or don't have enough
knowledge to implement Linux.

"Good system administration is good security, and vice versa"

Rick McElroy

From: H C <keydet89@yahoo.com>
Date: 05/02/2002 10:31 AM
To: focus-ms@securityfocus.com
cc:
Subject: 'rooted' NT/2K boxen?

Recently, there have been several messages posted to
the Incidents list about rooted Linux boxen. My
question is this...has anyone seen NT/2K boxen
'rooted', in the sense that a Linux box is usually
rooted...completely taken over, trojaned binaries,
backdoors, users installed, rootkit(s), tools copied
over?

If so, what, if any, info would you be willing to
share about the system?

I'm trying to get an idea of how prevalent this sort
of thing is, and also to see what's being done, so as
to not only better protect my systems, but to assist
me in building a better incident response methodology.

Thanks.
