Re: Windows 2000 System Hacked
From: S. Pidgorny
Date: 04/27/04
- Previous message: S. Pidgorny
: "Re: Product Support Services - MALICIOUS ACTIVITY RELATING TO MS04-011" - In reply to: Bob Smith: "Windows 2000 System Hacked"
- Next in thread: Bob Smith: "Re: Windows 2000 System Hacked"
- Reply: Bob Smith: "Re: Windows 2000 System Hacked"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 27 Apr 2004 19:24:27 +1000
This is the result of the new exploit for the MS04-011 SSL vulnerability. It
creates command console on 31337/TCP (same as BackOrifice).
http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx
and, in your case,
http://securityadmin.info/faq.htm#hacked
-- Svyatoslav Pidgorny, MVP, MCSE -= F1 is the key =- "Bob Smith" <bob@neconsulting.net> wrote in message news:upjoe57KEHA.556@TK2MSFTNGP10.phx.gbl... > Recently we had a Windows 2000, IIS 5.0 server hacked, what was strange was > it appears to have been from the webdav vulnerability as it connected to the > port commonly used by Back Orifice, although no BO files were drop on the > system. > > I thought the webdav vulnerability patch was released a year ago, although > this system was fully patched except for the latest five patches, and IIS > was fully locked down. Does anyone know if without the latest patches are > the systems vulnerable to the webdav. > > Thanks in advance, > Bob Smith > >
- Previous message: S. Pidgorny
: "Re: Product Support Services - MALICIOUS ACTIVITY RELATING TO MS04-011" - In reply to: Bob Smith: "Windows 2000 System Hacked"
- Next in thread: Bob Smith: "Re: Windows 2000 System Hacked"
- Reply: Bob Smith: "Re: Windows 2000 System Hacked"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
