RE: more info on a hopefully unsuccessful compromise

• Previous message: james: "Fw: qmail smtp-auth bug allows open relay"
• Maybe in reply to: LiNERROR: "more info on a hopefully unsuccessful compromise"
• Next in thread: Leo, Joel: "RE: more info on a hopefully unsuccessful compromise"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: incidents@securityfocus.com
Date: Mon, 14 Jul 2003 13:35:08 -0700

moderator oh moderator - please let this one through as it is clearly on
topic.

i've been browsing through this thread, and haven't seen anyone mention
sid2user and user2sid yet.

http://www.chem.msu.su/~rudnyi/NT/

any chance they can help?

> Administrator is the default name of the account w/ an
> RID of 500, one then has to ask, did you change the
> name of the default Administrator account?

would help finding out who is actually holding that RID.

-d

----------------------------------------------------------------------------
Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the
world's premier technical IT security event! 10 tracks, 15 training sessions,
1,800 delegates from 30 nations including all of the top experts, from CSO's to
"underground" security specialists. See for yourself what the buzz is about!
Early-bird registration ends July 3. This event will sell out. www.blackhat.com
----------------------------------------------------------------------------

• Previous message: james: "Fw: qmail smtp-auth bug allows open relay"
• Maybe in reply to: LiNERROR: "more info on a hopefully unsuccessful compromise"
• Next in thread: Leo, Joel: "RE: more info on a hopefully unsuccessful compromise"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]