Re: FTP Window of opportunity?
From: Erik Birkholz (erik_at_foundstone.com)
Date: 03/25/04
- Previous message: Duy Trac: "RE: Oracle DB Audity"
- Maybe in reply to: C Ryll: "FTP Window of opportunity?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 24 Mar 2004 20:32:03 -0800 To: <carolynryll@hotmail.com>, <pen-test@securityfocus.com>
Carolyn,
Are you testing from an XP box with ICF on?
That would explain it.
Erik
---------------------------------------
(Msg from BlackBerry Wireless Handheld)
---------------------------------------
Erik Pace Birkholz - CISSP, MCSE
Foundstone, Inc.
Strategic Security
Read Special Ops and mount an assault to eradicate network negligence today. www.SpecialOpsSeries.com
[Tel] 949.297.5591
[Cel] 323.252.5916
[Fax] 949.297.5575
[pgp] https://www.foundstone.com/pgpkeys/erik-birkholz.asc
-----Original Message-----
From: C Ryll <carolynryll@hotmail.com>
To: pen-test@securityfocus.com <pen-test@securityfocus.com>
Sent: Wed Mar 24 12:46:52 2004
Subject: RE: FTP Window of opportunity?
Wow! I have received back alot of great advice and information. At this
point, I am going to use a sniffer, and also try netcat, and see what the
results are.
Nmap was configured with just the default options (one question that was
asked of me).
Sorry I didn't give any specs on the system... The operating system is
actually XP Embedded; the firewall that is being used on the system is the
Internet Connection Firewall. I cannot add software to the system - mainly
because how it is built for the OS. However, I can turn off the firewall,
and plan on testing a theory to see if the firewall might be the source of
the behavior. FTP is definately not running on that system - so it is very
curious.
Guaranteed, I will let you know the results of my testing.
Thank you,
Carolyn.
_________________________________________________________________
Get reliable access on MSN 9 Dial-up. 3 months for the price of 1!
(Limited-time offer)
http://join.msn.com/?page=dept/dialup&pgmarket=en-us&ST=1/go/onm00200361ave/direct/01/
---------------------------------------------------------------------------
You're a pen tester, but is google.com still your R&D team?
Now you can get trustworthy commercial-grade exploits and the latest
techniques from a world-class research group.
www.coresecurity.com/promos/sf_ept1
----------------------------------------------------------------------------
---------------------------------------------------------------------------
You're a pen tester, but is google.com still your R&D team?
Now you can get trustworthy commercial-grade exploits and the latest
techniques from a world-class research group.
www.coresecurity.com/promos/sf_ept1
----------------------------------------------------------------------------
- Previous message: Duy Trac: "RE: Oracle DB Audity"
- Maybe in reply to: C Ryll: "FTP Window of opportunity?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
