Re: Software vendor clueless

Valdis.Kletnieks_at_vt.edu
Date: 08/20/03

    To: Mark Medici <mark@dbma.com>
    Date: Wed, 20 Aug 2003 00:47:33 -0400
    
    
    

    On Tue, 19 Aug 2003 18:32:11 EDT, Mark Medici <mark@dbma.com> said:

    > If, in fact, the firewall is configured as indicated, and that only
    > authorized IP addresses from the software vendor's IP space are permitted
    > to access pcAnywhere, then it is NOT a trivial hack to gain access to
    > pcAnywhere in order to exploit the weak passwords. In order to
    > circumvent the firewall, the intruder would have to first compromise a
    > router or host at either the vendor or customer's end, or somewhere in
    > between, or the firewall itself. Or the intruder would need to gain
    > physical access to one of these end locations.

    Actually, no.

    RFC1948: Defending Against Sequence Number Attacks. S. Bellovin. May 1996.
         (Format: TXT=13074 bytes) (Status: INFORMATIONAL)

    Turns out it was this very attack that Kevin Mitnick used on Shimomura's
    machines...

    And it turns out that a lot of vendors still get it wrong, or suboptimal:

    http://razor.bindview.com/publish/papers/tcpseq.html
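
Added example, not part of the original message: a sketch of the ISN scheme RFC 1948 describes, ISN = M + F(localhost, localport, remotehost, remoteport) with F keyed by a secret, next to a constructed model of a counter shared by all peers. The function names, the sample addresses and ports, the 64000 step, and the use of SHA-256 in place of the MD5 the RFC suggests are assumptions.

```python
import hashlib
import socket
import struct

MOD = 2**32

def timer_4us(now_us):
    """M in RFC 1948: a 32-bit counter that ticks every 4 microseconds."""
    return (now_us // 4) % MOD

def rfc1948_isn(secret, local, remote, now_us):
    """ISN = M + F(localhost, localport, remotehost, remoteport), F keyed by secret.

    local and remote are (ip, port) tuples. RFC 1948 suggests MD5 for F;
    SHA-256 is substituted here (assumption of this example).
    """
    material = b"".join(socket.inet_aton(ip) + struct.pack("!H", port)
                        for ip, port in (local, remote)) + secret
    offset = int.from_bytes(hashlib.sha256(material).digest()[:4], "big")
    return (timer_4us(now_us) + offset) % MOD

def global_counter_isn(connections_so_far, now_us, step=64000):
    """Constructed model of a shared ISN counter: one sequence space for every peer."""
    return (timer_4us(now_us) + connections_so_far * step) % MOD

def cross_peer_gap(secret, local, peer_a, peer_b, now_us):
    """Distance from peer_a's ISN to peer_b's at the same instant (mod 2**32)."""
    return (rfc1948_isn(secret, local, peer_b, now_us)
            - rfc1948_isn(secret, local, peer_a, now_us)) % MOD

# Constructed sample values (documentation address ranges, arbitrary ports).
SERVER = ("192.0.2.10", 5631)
PERMITTED = ("198.51.100.7", 40000)
OTHER = ("203.0.113.99", 40000)

if __name__ == "__main__":
    t = 1_000_000
    # Shared counter: the gap between consecutive ISNs is the same for any peer.
    print("shared counter gap:",
          (global_counter_isn(8, t) - global_counter_isn(7, t)) % MOD)
    # RFC 1948: the gap between two peers' ISNs changes with the secret.
    for secret in (b"boot-secret-1", b"boot-secret-2"):
        print("rfc1948 gap:", cross_peer_gap(secret, SERVER, OTHER, PERMITTED, t))
    # The same connection ID still advances with the clock: 100 ticks per 400 us.
    print("same-tuple advance:",
          (rfc1948_isn(b"boot-secret-1", SERVER, PERMITTED, t + 400)
           - rfc1948_isn(b"boot-secret-1", SERVER, PERMITTED, t)) % MOD)
```

With the shared counter, an ISN issued to one peer fixes the next ISN for every other peer; with the per-connection offset, the ISN a host sees on its own connection says nothing about the one issued for a different address pair unless the secret is known.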

    
    


