Re: Vulnerability exposing user name for the accounts?
From: Steven L Umbach (n9rou_at_comcast.net)
Date: 08/24/03
- Next message: Vanguard: "Re: Drive C Access Denied"
- Previous message: Steven L Umbach: "Re: How to clean hidden Pop-up window software in Windows?"
- In reply to: Amin Mohadjer: "Vulnerability exposing user name for the accounts?"
- Next in thread: Amin Mohadjer: "Re: Vulnerability exposing user name for the accounts?"
- Reply: Amin Mohadjer: "Re: Vulnerability exposing user name for the accounts?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 24 Aug 2003 03:04:09 GMT
Apparently you do not use a firewall or it is misconfigured. Go to
http://scan.sygatetech.com/ to scan yourself for basic vulnerability to internet
attacks. These type of attacks generally use ports 139 or 445 which is a well known
vulnerability when exposed to untrusted networks. I prefer a hardware firewall at the
perimeter, and there are real firewalls for around $75 these days from the likes of
Netgear. If you do not want to invest in a hardware firewall, then their are software
alternatives. --- Steve
http://www.netgear.com/products/prod_details.asp?prodID=140&view=
http://www.webattack.com/Freeware/security/fwfirewall.shtml
http://www.microsoft.com/security/articles/4steps.asp
"Amin Mohadjer" <no_spam_555_mohadjera@yahoo.com> wrote in message
news:835225c4.0308231523.471ebe28@posting.google.com...
> Last night someone tried to break into my Windows 2000 server by
> trying all the user accounts. He did not go far as I had the account
> policy set to locking out on 3 tries but I am puzzled as to how the
> hacker obtained the user name for accounts since this wasn't a case of
> blind dictionary attack. He only tried the accounts that existed on
> the box, no less, no more (IUSR_COMPUTERNAME, IWAM_COMPUTERNAME,
> guest, administrator).
>
> I am concerned. What do you suggest I should do? I ran NAV and it did
> not find any virus or worm.
>
> Has anyone heard of a vulnerability such as this? Right now I am
> up-to-date on patches but perhaps I caught up with one too late to had
> closed the door in time.
>
> Regards
> Amin
>
> P.S. Please remove no_spam_555_ from the email address if replying
> directly.
- Next message: Vanguard: "Re: Drive C Access Denied"
- Previous message: Steven L Umbach: "Re: How to clean hidden Pop-up window software in Windows?"
- In reply to: Amin Mohadjer: "Vulnerability exposing user name for the accounts?"
- Next in thread: Amin Mohadjer: "Re: Vulnerability exposing user name for the accounts?"
- Reply: Amin Mohadjer: "Re: Vulnerability exposing user name for the accounts?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
