Page 1 of 4 123 ... LastLast
Results 1 to 10 of 36

Thread: How to show problems with bad security???

  1. #1

    How to show problems with bad security???

    Hello,

    I'm a newbie when it comes to the side of hacking/penatrating systems, exposing holes, exploiting vulnerabilities, etc... I've always consentrated on simply learning what was needed to protect against the current threats. But it seems it has become necessary to learn in order to maintain security/stability...

    I NEED help!!!

    My problem is this;
    We have a new guy here in my I.S. Dept that has become 'buddy buddy' with the manager. As such, his 'opinions' are now starting to be taken more seriously then mine - despite my 6yrs experience as a Admin.

    The recent issue is "REALLY" bugging me, the manager has allowed this newbie operator to do the install and config on one of our new W2K servers. The problem being the newbie doesn't want to disable ANY services whether their being used or not. As its his 'opinion' that a complete 'vanilla' install/config of W2K is more stable and easier to maintain, and there is no good reason to turn the services off.

    This is a stand alone server with always on internet access that stores confidential information, that is not acting as a website server. Well obviously this doesn't sit well with me, how the hell can you call a W2K server 'stable' or 'secure' when you have every service includding IIS running. On top of that, no AV software or firewall, as he says they just eat up resources...

    Well after I complained enough, all I got from my manager as a response is "to prove him wrong" along with permission to do anything but access the physical machine to try to hack/break it...


    Why I need help;
    So now I need to find a way to show the vulnerability of this server, whether doing so breaks it or not, as I obviously don't want to sit back and wait for someone 'possibly malicious' finds this vulnerability and exploits it.

    Is there some easyway to hack a W2K server via port 80, or to send it a program or a virus/worm thru that port???

    I know of many past instances, like 'Code Red' and 'Nimda', where I was glad the other servers were secure - but I'd rather not wait for something like that to go around again, just to prove my point... (Hell I hope something like that never does go around again, really)...


    Any help or direction to look would be appreciated,
    RRP

  2. #2
    Banned
    Join Date
    May 2003
    Posts
    1,004
    http://www.microsoft.com/technet/tre...s/MBSAhome.asp

    Run that, print the results, give them to your manager.
    Trying to compromise the system is a waste of time and company resources. If you fail to meet the vendor's suggested secure configuration, you are not meeting "due care." Nothing else matters.

    catch

  3. #3
    Senior Member
    Join Date
    Aug 2003
    Posts
    1,018
    Not that I'm any kind of an expert (I'm below beginner), but I'd think if you let it sit there long enough, you won't need to do anything at all.

  4. #4
    Senior Member
    Join Date
    Aug 2003
    Posts
    205
    Im sorry to tell you this bpiedlow,

    but you sound like a jealous pathetic employee...No need to pull your pants down and expose the crack of your ass..Your giving us TMI..

    You could have posted your question by simply asking,,
    Are there any known vulnerabilities with win2K running port80/http services? ..

    Sorry all if I seemed a bit rough with him, he had it coming and it was a
    good time to balance my antipoint assignements..

    cheers

  5. #5
    Well, the post was a bit whiney, but I understand. I've seen this happen all to often in small outfits. Anyway, the one response with the URL is the appropriate one. Any fool who functions as the individual described in the original post won't last long. The problem is he/she will do a great deal of damage in the process.

    For the rest, MS's web site has well written "best practices" documents for almost all occasions and they make for excellent justification to bosses and non-tech administrators. Keeping a secure system in this day and age is entirely too important. Use the resources available to you.

  6. #6
    Thanks everyone,

    Well eveyone but gunit0072003 who obviously just felt like flaming someone...

    I'm mean really
    You could have posted your question by simply asking,,
    Are there any known vulnerabilities with win2K running port80/http services? ..
    Well DUH! I already said that I KNOW there are vulnerabilies with it, so why would asking that do me any good?

    As I explained, what I'm looking for is ANYWAY to show the hole - and as I specifically said
    So now I need to find a way to show the vulnerability of this server, whether doing so breaks it or not
    Which is exactly what I'm looking for...

    It seems catch's URL should cover what i wanted 'perfectly'... Thanks again Catch...

    RRP

  7. #7
    Senior Member
    Join Date
    Jan 2002
    Posts
    371
    Firstly...hello again to all AO'ers..Havent posted for quite some time now.

    I would run a security scanner on the box like Nikto to test the security of the webserver, and to check the security of the OS, scan it with a testing tool like Nessus (but dont DOS the box).

    The output will tell you that the box is insecure, which you could then pass on to your boss... And you have done it without hacking the machine or causing any downtime (hopefully)...
    SoggyBottom.

    [glowpurple]There were so many fewer questions when the stars where still just the holes to heaven - JJ[/glowpurple] [gloworange]I sure could use a vacation from this bull$hit, three ringed circus side show of freaks. - Tool. [/gloworange]

  8. #8
    Banned
    Join Date
    Jun 2003
    Posts
    1,536
    prove him wrong then rub his face in it ever chance you get!!!
    all else failes wright a big fat report that happones to get on the desk of the highest person in manage ment, stipulating all this confidential data that is being exposed, and th possability of law suits if it gets out... (pending on what kind of bussiness your in)

    also if this person is new and really as good as he thinks y the hell would he be leaving everyting open?
    unless he has be cona buddy buddy to get free rain and access to the server, do what he likes with to, so he cae benifit from it, eg removing data for personal / profatable use.

    Just a thought, Id be keeping an eye on him/her..


    Nightfalls_Girl

  9. #9
    Junior Member
    Join Date
    Jul 2003
    Posts
    26
    Originally posted here by gunit0072003
    Im sorry to tell you this bpiedlow,

    but you sound like a jealous pathetic employee...No need to pull your pants down and expose the crack of your ass..Your giving us TMI..
    Yea, a bit too much, but if he didnt put any information as to what his situation is, members may mistake him for a hacker/cracker/gay prostitute and then either not give him information or just make posts about how they are not sure of their origions. I am not saying that he couldnt have made it all up, but it does help with the reasoning a bit.
    Release a bomb filled with Ritalin and Pharmacy death. Keep the rich above in the hills where the impact will not reach them. Then go for the ironic statement and call it a cure for pollution.

  10. #10
    Senior Member
    Join Date
    Aug 2003
    Posts
    205
    I dont know what is more embarrassing; 1) to admit that my 13yr old nephew gained access to my PC or 2) accepting the remarks that were posted on my behalf..

    bpiedlow, or anyone else, please accept my apologies for any rude remarks made in my name during last 2 hrs.

    Ive been had by a 13 yr old using an external keyboard logger.....

    sheepishly sincere
    gunit

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •