lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <18f211400603290758l644304c9me6405c20a5dce256@mail.gmail.com>
Date: Wed Mar 29 16:58:16 2006
From: octetstream at gmail.com (Octal)
Subject: Hello everyone

> > After just a few hours of scanning (I have to start somewhere} I have
> > located quite a few routers that have their manufacturers password still
> > set not to mention loads of Windows machines that have port 139 open AND
> > have write access to the whole of the C: Drive in some instances.
>
> There goes 'ethical' right there. You didn't have permission to scan,
> and certainly didn't have a right to try to login to routers you found
> (their failure to secure it is not a defense since you knew it wasn't
> yours).


Depends on what your "ethics" are.  Twisting a doorknob and actually going
through the doorway are two different things.  Of course we don't know what
the original author really did.

> My question - since it is these machines that I understand will be the
> > computers that the hacker will use to hide him/her self and given that
> > there are tools around - just that I don't know of one yet - WHY doesn't
> > someone send a message to these machines that the owner will see and ASK
> > them politely to close up these holes? Perhaps something along the "net
> > send" command.
>
> I'll bet their/your ISP would absolutly *love* that.


I bet they would.  I have a contact at a  Tier 1 that loves hearing from me
when I see something strange on their consumer subnets that their IDS,
Anti-DDoS and Anti-Botnet software doesn't detect.  Granted that's a little
different than what the author is talking about, but when DoS liability is
eventually tested in court you can bet anything that liable ISPs would have
liked to know this stuff in advance.

Ian, the best advice I can give you is watch your back when you're doing
this stuff.  Mike is right that this won't be looked upon too kindly by some
authorities (ISP, law, etc).  Consumers would have heart attacks if they got
popups on their systems saying "you're vulnerable, lock yourself up", and if
they don't more often than not they'll disregard the popup as illegitimate.

If you truly want to do something your best bet overall is to contact
someone intelligent at the ISP any of these hosts/routers belong to.  It's
also riskier than doing nothing, attempting to contact the users, or
plugging the holes on your own, but it would be a more respected channel.
Once upon a time I detected an ID theft ring and a compromised server in New
Jersey containing 80+ GB of usernames/passwords for bank, paypal, email, etc
accounts.  I called the provider and they didn't want to hear from me.  I
called their upstream provider and the FBI and then they started listening.
Good luck and don't commit any felonies.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060329/dc383f32/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ