lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Pine.LNX.4.44.0308011019140.6957-100000@marconi>
From: bwatson at nettracers.com (Bryan K. Watson)
Subject: DCOM Exploit MS03-026 attack vectors

> Because 9 times out of 10 port 135 is blocked by some sort of firewall,
> whilst port 80 is not blocked on a web server.

Not telecommuters on dial-up IP's and Blue-Toothed into the net thru 
their Ericsson phones, and surfing from the airport and WIFI cafes of the 
world.   Most Sysadmins are still oblivious to the need for 
desktop/personal firewalls like Zone Alarm and McAfee.  Dial 
up IP address pools are THE attack vector to watch out for, since a crack 
there will crack the private networks of the world, either thru VPN, or 
when the user walks back into the office and plugs in the wormed system.

Spend hundreds of thousands on firewalling, millions in man hours on 
security, then let unprotected laptops in and out of your network, and 
allow uncontrolled home computers to VPN....what a waste.

You don't need high bandwidth for the initial spread....just a good 
vector.   People need to think about this threat differently...I'm sure 
that the crackers and espionage folks already have.

-Bryan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ