Great Circle Associates Firewalls
(November 1995)
 


Subject: Re: Windows NT holes and Lotus Notes holes (fwd)
From: Ron DuFresne <dufresne @ winternet . com>
Date: Mon, 27 Nov 1995 17:50:26 -0600 (CST)
To: Sick Puppy <sikpuppy @ maestro . com>
Cc: firewalls @ GreatCircle . COM
In-reply-to: <Pine . 3 . 89 . 9511271334 . A18281-0100000 @ maestro . com>
Posted-date: Mon, 27 Nov 1995 17:50:27 -0600

On Mon, 27 Nov 1995, Sick Puppy wrote:

>     Several people sent me mail asking for specifics of security weaknesses
>     on Windows NT.  I have found very similar weaknesses on Lotus Notes
>     servers.  We are talking about some big companies here with some
>     big tough lawyers who used to be football players, and I am only a
>     skinny little dawg with no legal experience, so pardon my prudence in
>     not being specific about holes.
> 
>     Run CrackerJack as a DOS program under Windoze and look for weak
>     passwords.  Despite all the hype about various products, I still
>     routinely crack 20 percent of passwords on systems I go after.
>     Mind you, I use a 20 megabyte password dictionary with 24 different
>     languages.  But even the Morris Worm's dictionary will get you a couple
>     of accounts on most systems.
> 
>     Look for large amounts of shared user disk space, such as those used by
>     cc:Mail or word processors or spreadsheets, which are writable/readable
>     by anybody and which most security programs don't check.  These are
>     great places for hiding your Windows hacking applications.  If you do
>     it right, you can set up your cracking .DLL to kick off when the user
>     starts their "legitimate" application.
> 
>     Look for file systems which can be remotely mounted across the network.
> 

But you haven't really listed any outside-in holes here.  And most of the 
inside-in errors you point at are less holes and more configuration / 
administration errors <moles sniffing from the inside count not>.

Crawl out from within that safe little net-doghouse and bang at an NT box 
directly and document some holes in a supposedly securely set up 
system...gawd, I hope admins don't just install out of the box and let 
be, no matter the OS/NOS...

The cry for some real evidence continues...

Later,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
	***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.


