On Mon, 27 Nov 1995, Sick Puppy wrote:
> Several people sent me mail asking for specifics of security weaknesses
> on Windows NT. I have found very similar weaknesses on Lotus Notes
> servers. We are talking about some big companies here with some
> big tough lawyers who used to be football players, and I am only a
> skinny little dawg with no legal experience, so pardon my prudence in
> not being specific about holes.
> Run CrackerJack as a DOS program under Windoze and look for weak
> passwords. Despite all the hype about various products, I still
> routinely crack 20 percent of passwords on systems I go after.
> Mind you, I use a 20 megabyte password dictionary with 24 different
> languages. But even the Morris Worm's dictionary will get you a couple
> of accounts on most systems.
> Look for large amounts of shared user disk space, such as those used by
> cc:Mail or word processors or spreadsheets, which are writable/readable
> by anybody and which most security programs don't check. These are
> great places for hiding your Windows hacking applications. If you do
> it right, you can set up your cracking .DLL to kick off when the user
> starts their "legitimate" application.
> Look for file systems which can be remotely mounted across the network.

But you haven't really listed any outside-in holes here. And most of the
inside-in errors you point at are less holes and more configuration /
administration errors <moles sniffing from the inside count not>.
Crawl out from within that safe little net-doghouse and bang at an NT box
directly and document some holes in a supposedly securely set up
system...gawd, I hope admins don't just install out of the box and let
be, no matter the OS/NOS...
The cry for some real evidence continues...
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.