lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: Frank_Kenisky at psc.uscourts.gov (Frank_Kenisky@....uscourts.gov)
Subject: RE: [Fwd: [TH-research] OT: Israeli Post Office break-in]

Without access to the entire article or knowing more than the media writes 
it's really not possible to tell.  But from what you've posted.  That is 
an interesting story.  With some configuration networks can be somewhat 
secure.  But leaving a port wide open to the public is not the best 
physical security.  I have seen this in hospitals.  The hospital remodels 
a public area but somehow leaves ports accessible to the public.  I've 
often thought that it would probablly be pretty easy for someone to say 
purchase a wireless AP (pretty inexpensive these days) sit in the public 
area (i.e. waiting room) with a laptop or PDA, connect to the AP and start 
surfing.

This of course would require a bit of knowedge but not much.

Frank Kenisky IV, CISSP, CISA
Information Technology Security Specialist
210-301-6433



John.Airey@...b.org.uk 
01/13/2004 03:10 AM

To
ge@...tistical.reprehensible.net, bugtraq@...urityfocus.com
cc
full-disclosure@...ts.netsys.com
Subject
RE: [Fwd: [TH-research] OT: Israeli Post Office break-in]






> -----Original Message-----
> From: Gadi Evron [mailto:ge@...tistical.reprehensible.net]
> Sent: 11 January 2004 04:07
> To: bugtraq@...urityfocus.com
> Cc: full-disclosure@...ts.netsys.com
> Subject: [Fwd: [TH-research] OT: Israeli Post Office break-in]
>
>
> I thought this story might interest some of you. See
> forwarded message
> below.
>
>       Gadi Evron.
>
>
> Date: Sat, 10 Jan 2004 19:23:15 -0800
> From: Gadi Evron <ge@...uxbox.org>
> To: th-research
> Subject: [TH-research] OT: Israeli Post Office break-in
>
>
> Mail from Gadi Evron <ge@...uxbox.org>
>
> This is completely off-topic, but very interesting.
>
> Apparently there was a break-in in a branch of the Israeli
> Post Office.
>
> The offenders placed a wire-less gateway connected to a switch inside,
> and through it stole a few tens of thousands of Shekels in
> the few days
> they were in operation (the Israeli Post Office is a sort of
> a small bank).
>
I can't resist any longer. I have to ask a few questions.

1. How did they know which switch to connect to? Wouldn't this require 
some
knowledge of network topology.
2. If it is indeed a switch and not a hub, how did they obtain access to 
set
this port to monitor traffic?
3. How did they get access to the switch. Shouldn't it have been locked
away.
4. How did they convert electrons to money? Was this by raiding bank
accounts or collecting credit card numbers?
5. How could they be unable to hide a WAP in a rack (assuming the switch 
was
in a rack)? I can think of several ways to hide one without it being
visible.

Seems like a bit of an inside job to me, but I'm no Dick Tracy...

-
John Airey, BSc (Jt Hons), CNA, RHCE
Internet systems support officer, ITCSD, Royal National Institute of the
Blind,
Bakewell Road, Peterborough PE2 6XU,
Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 John.Airey@...b.org.uk

Even if you win the rat race, that will still only make you a rat.



-
DISCLAIMER:

NOTICE: The information contained in this email and any attachments is
confidential and may be privileged. If you are not the intended
recipient you should not use, disclose, distribute or copy any of the
content of it or of any attachment; you are requested to notify the
sender immediately of your receipt of the email and then to delete it
and any attachments from your system.

RNIB endeavours to ensure that emails and any attachments generated by
its staff are free from viruses or other contaminants. However, it
cannot accept any responsibility for any  such which are transmitted.
We therefore recommend you scan all attachments.

Please note that the statements and views expressed in this email and
any attachments are those of the author and do not necessarily represent
those of RNIB.

RNIB Registered Charity Number: 226227

Website: http://www.rnib.org.uk 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040113/ae5e3e88/attachment.html

Powered by blists - more mailing lists