Re: 80 and 88
From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 06/02/04
- Next message: Steven L Umbach: "Re: Auditing folder moves"
- Previous message: Steven L Umbach: "Re: User Last Login"
- In reply to: Svejk: "80 and 88"
- Next in thread: Svejk: "Re: 80 and 88"
- Reply: Svejk: "Re: 80 and 88"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 02 Jun 2004 01:55:01 GMT
Port 88 is for kerberos while 80 TCP is for http website. By default in W2K, IIS is
installed and enabled. There are many attacks that can be launched against a web
server that will be successful if the web server is not patched or secured for web
services though it is doubtful in the real world that a domain controller would not
be protected by a firewall. These attacks often involve creating a buffer overflow
condition which allows a user to have system access to the computer. An attacker may
also try to gain access to system files through IIS, particualry if the website is
located on the same partition as the \winnt folder. --- Steve
http://www.sans.org/top20/#w1 --- see W1.1
http://www.hackersprogrammers.com/articles/iis.htm
http://www.iis-resources.com/modules/mylinks/topten.php?hit=1
"Svejk" <svejkmb-mail@yahoo.co.uk> wrote in message
news:42c83856.0406010943.6b4fc526@posting.google.com...
> I hate to have to do this, but I'm having trouble with a coursework.
> Anyone care to suggest how they'd tackle it?
>
> "Discuss how an intruder using ONLY the TCP/80 and TCP/88 ports can
> break into a Windows 2000 Server that is functioning as a domain
> controller. Assume that the Windows 2000 Server is not making using
> of IP-Sec or Kerberos."
>
> I've no idea. :-(
> Svejk
- Next message: Steven L Umbach: "Re: Auditing folder moves"
- Previous message: Steven L Umbach: "Re: User Last Login"
- In reply to: Svejk: "80 and 88"
- Next in thread: Svejk: "Re: 80 and 88"
- Reply: Svejk: "Re: 80 and 88"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
