[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20030821124326.S53550-100000@vapid.ath.cx>
From: lwc at vapid.ath.cx (Larry W. Cashdollar)
Subject: HP Tandem NonStop servers
On Thu, 21 Aug 2003, KF wrote:
> Well if its a unix based OS I would start with a suid / sgid listing...
> as well as checking the listening services...
>
> Shoot me a find / -perm -4000 and a find / -perm -2000 along with a
> netstat -a and we can go from there.
>
> If you are willing to give up a shell I'll beat on the suids myself for
> a bit. =]
> -KF
Also see what type of hash function is used to store
passwords(md5?,crypt()) as well has any password file shadowing.
Check out system directory and file permissions as well. Is there alot
of cruft installed? X11 japanise language fonts etc..? what are the
default system accounts in /etc/passwd? look for that as well.
-- Larry C$
Powered by blists - more mailing lists