Re: Actual Security Cases

From: theog (theog@theog.org)
Date: 01/31/03

  • Next message: Barry Irwin: "Re: Strange outgoing packets ..." 
    From: "theog" <theog@theog.org>
To: <security-basics@securityfocus.com>, <ullmic6@web.de>
Date: Fri, 31 Jan 2003 02:04:29 +0200

    Well , I can't really point you to such stories , but , I do ,however , have
    an advise for you based on personal experiance.
    make sure the proper people know about the risks (remote account hacking,
    locking , being as secure as the remote mail server which is usually a
    bigger target for hackers) - make sure you send a written memo or e-mail
    about it to the proper people (not only your manager) , people tend to think
    twice when it's their neck.

    TheOg

    > > Does anybody know a good internet source of actual
    > > security related real
    > > life cases? I know that it's a risk to forward
    > > corporate mail to
    > > internet e-mail account like AOL or gmx. But I need
    > > a case like "in
    > > january 2001 the aol accounts of xyz got cracked and
    > > a lot of
    > > confidential data was published by some hackers on
    > > the internet" to
    > > convince a manager who thinks the risk is just
    > > theoretical and nothing
    > > ever happened. I would like to have such stories for
    > > different threats
    > > (no remote access via modem, no weak passwords, no
    > > unenecrypted data on
    > > laptops,...). In my opinion the stories in the book
    > > "Tangled Web" are
    > > just a starting point (some of them are not easy
    > > enough for managers).
    > >
    > > --
    > > <- ullmic6 ->
    > >
    >
    > __________________________________________________
    > Do you Yahoo!?
    > Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
    > http://mailplus.yahoo.com
    >

    Relevant Pages

    • Re: User Accounts
      ... account that surfs the web, and confining everything that comes down the ... Especially since folder permissions has less downside risk than filtering ... >every tool and feature in XP to lock down security as best as is possible. ... and settings do not stay the same when user account rights ...
      (microsoft.public.windowsxp.security_admin)
    • Re: User Accounts
      ... >every tool and feature in XP to lock down security as best as is possible. ... code that is exposed to the "outside", the higher the risk of exploit. ... If I limit an account in XP Home, it falls back to hiding paths, ... and settings do not stay the same when user account rights are ...
      (microsoft.public.windowsxp.security_admin)
    • Re: How to remote access Windows XP Pro computer?
      ... you happen to use Norton Internet Security please read the following link. ... link for the remote person to access their system. ... "Is LogMeIn secure and what is SSL? ... separate passwords to access both your LogMeIn account and your Target ...
      (microsoft.public.windowsxp.work_remotely)
    • Re: RWW and Remote desktop stopped working on all clients
      ... After diggin through ALL the group policies, I found Remote ... Desktop DISABLED under the Account Lockout policy - I don't think I've even ... adminsitrator or another account with Domain Admin role; also the server ...
      (microsoft.public.windows.server.sbs)
    • Re: DomainLocalServer$ is not a valid user
      ... I have traced by SQL-profiler on remote computer. ... it's always traced the user account. ... Its Security is ... to use the current user credential to logon to the remote server. ...
      (microsoft.public.sqlserver.security)