Re: Network Admin. Breach




<chadpendergrass@xxxxxxxxx> wrote in message
news:29879f80-857b-4dbc-9c38-4d81e70b23d1@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
On Jun 10, 4:18 am, "Anthony [MVP]" <anth...@xxxxxxxxxxxx> wrote:
Chad,
The "how" is a big question. I have been looking for something useful for
you on this specific topic:
http://www.microsoft.com/technet/archive/community/columns/security/e...
You should also go through the Windows 2003 Security Guide.
Hope that helps,
Anthony, http://www.airdesk.co.uk

"Al Dunbar" <AlanD...@xxxxxxxxxxxxxxxxxxx> wrote in message

news:%23NnKKvqyIHA.1772@xxxxxxxxxxxxxxxxxxxxxxx


<big snip>

/Al

Thanks for all the info, guys. I'm looking at this from a hacker point
of view. A White Hat Hacker, that is. I can apply patches, and I can
run "canned" programs, and be pretty good at security. But I do
remember this White Hat I ran into years ago. The guy ran his own
consulting business, and did quite well for himself. He understood the
rudiments of each attack.

==> Ah, yes, if you want to be a security consultant, then the more you know
of the techniques, the more marketable you will be...

I sacrificed my Linux box to him, and he performed a buffer overflow
and took root. He did it in under 5 minutes! He explained to me the
attack, but at the time it was a little beyond me.

But my approach to network security is similar to his.....I look at
how I could attack the system. And whenever an employee leaves I try
to imagine how he or she could get in....what methods they could use,
etc.

==> I agree. But whether or not their still knowing the admin password to
some relatively insignificant system in your network is something they could
use to attack your entire infrastructure should be a moot point: they have
no business knowing any of your sensitive passwords. Given that there is no
business case for them to know passwords, it behooves the company to take
that away from them, just on principle, and regardless of whether or not
that knowledge could somehow be used against you.

I've worked with network integrators, and I've heard them tell clients
that their systems are secure. They'll say "Well, maybe so and so can
remote in, but their account has no privs. to do anything." I've
demonstrated that using an account with no privs. I can still delete
information by using some seemingly harmless programs.

==> You are right to be skeptical of claims of a system being secure,
because, quite frankly, we always seem to be playing catch-up, and nothing is
ever 100% secure.

Now I am by no means a hacker. I have a great imagination, but I lack
the intelligence to be at a White Hat's level. But in my opinion, and
I could be off base here, the REALLY good guys know how an attack will
occur, and why a certain precaution is taken to defend against the
attack. But I agree that in the real world you don't need to be at
this level just to defend a system. But man....it can be pretty fun!!!

==> Agreed. We now seem to be pretty much on the same page.

/Al

