Date: Fri, 23 May 2008 11:16:45 -0500
From: Paul Schmehl <pschmehl_lists@...rr.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Need some help with management

--On Friday, May 23, 2008 11:56:15 -0400 Elazar Broad <elazar@...hmail.com> 
wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Its not even funny how often this happens. I have a friend who does
> some consulting work for small businesses, and the amount of times
> that he has come across medical practices that run their billing
> and record keeping software on the same "fully-loaded" XP box that
> their receptionist(s) use to download random crap...
>

Typical scenario - professor runs Windows XP with Skpe and Google Toolbar and a 
host of other "helpful" desktop applications - oh, but that's his "server" too 
- running IIS and mysql - default installs, mind you - replete with cross-site 
scripting and sql injection problems - and all his research with no backups - 
and then gets irate because his computer gets blocked at the switch port for 
policy violations.

I could go on, but you get the idea.

Why do they do it?  Because they can - at least until we catch them.

How many mysql installs do you think there are worldwide, listening on the 
default port, with "root@...alhost", "root@...N", "@localhost" and "@FQHN" all 
in the default state with no password?

-- 
Paul Schmehl
As if it wasn't already obvious,
my opinions are my own and not
those of my employer.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists