lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAA24eKuEkK0U2NuVRIYlKGfcKAAAAQAAAA0ie2NZw/BkuUKMDkyFmiZgEAAAAA@pchandyman.com.au>
Date: Sat, 7 Oct 2006 11:45:20 +1000
From: "Greg" <full-disclosure3@...andyman.com.au>
To: <full-disclosure@...ts.grok.org.uk>
Subject: Re: Removing the NIC cable = EoP?



I don't really understand the fuss to be honest.

Eg, to do that you would have to be so lax in security that anyone who could
take an Ethernet cable out and put it in another computer would be able to
do that. This means that someone is bending over, unplugging, moving it the
required distance to another machine and plugging it in.

Hell, the well known and still existing Windows problem would be much
easier....you know the one yes? You have a networked machine that has a
password at keyboard level and a screen saver set to take it back to the
logon screen when inactive for "X" minutes. To get back in at keyboard level
for a non-hacker means knowing at least the password or possibly the
username and password depending on how it is set up. However, if the
keyboard user has already logged on then, say, gone to lunch and the machine
has defaulted to wanting you to logon, it retains its network capability.
Much easier for a pissed off employee to use that method to gain access than
being seen moving to that computer and back again. I have always maintained,
which some disagree with, that if the machine requires local user logon in
those circumstances, it also should be forced off the network. After all,
the machine that I discovered that had that problem was a payroll one and of
course anyone able to get in via the network could while normal users who
didn't know the password couldn't.

If anyone is interested, yes I sent that one in to MS quite some time back
just around when they released SP2 for XP. They said it would be an option
(you decide which way it behaves) next SP and/or Windows (eg, Vista). Don't
hold your breath on it happening.


> -----Original Message-----
> From: Jessica Hope [mailto:jessicasaulhope@...glemail.com] 
> Sent: Friday, 6 October 2006 11:20 PM
> To: full-disclosure@...ts.grok.org.uk
> Subject: Re: [Full-disclosure] Removing the NIC cable = EoP?
> 
> 
> Lee Turner is correct, a default RM machine running Windows 98 (or
> 95...) will allow local admin if it can't reach the network. 
> Since such machines would be deployed in schools and 
> sometimes by people who do not know anything about what they 
> are doing, this attack can work rather well.
> 
> However, RM's defaults are worse than that, as all 
> restrictions are stored in the registry, so you can just as 
> quickly unrestrict yourself with modification of a few keys...
> 
> Jessica
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ