Page 1 of 4 123 ... LastLast
Results 1 to 10 of 35

Thread: Windows XP security test

  1. #1

    Windows XP security test

    Both IP's are signed up! No more room left for others! All accounts of verifying it is my IP have been processed (to the point of tinfoil hat verifications), and it is a go. Thanks guys!

    Box information

    Windows XP Pro SP1 with latest patches
    400MB RAM
    Pentium III 800mhz Processor
    3rd party firewall instead of built in ICF firewall so I can monitor logs.


    Note: After this case-study is COMPLETE, I will be conducting another case study using nothing but Windows XP Pro SP2 with latest patches. No 3rd party firewall involved. More details on that later. This way not only can we prove that a good admin can lock up XP tight as a drum, but that the newer default installs of XP with SP2, without 3rd party software, and in the hands of a good admin.. are still going to be tight as a drum.

    Greetings,

    Recently there have been topics of conversation in regards to the security of Windows, and in particular, Windows XP. I would like to settle this in a proof-of-concept case study. I have an XP box sitting right here. Now, I have gone through the measures of securing it, protecting it, and safeguarding it to my finest degree.

    I want it cracked. I want it wide open and hacked. Now mind you this isn't a free for all, but a very serious and monitored case study. Logs will be kept, a whitepaper of your activity is required, and most importantly... you need to ask permission. I will only be allowing two people at a time, and will only disclose the IP of that box via PM (or AIM) to people that I feel qualify as mature and responcible individuals. If you are interested in participating, please respond here with a way for me to contact you, or contact me yourself via PM (or AIM). I do have permission from my ISP, but they are keeping a safe eye on it. If more than two people try to attack (that is saying, one of the two people I am allowing gives it to one of their friends) then that third IP will be logged and considered an illegal and unauthorized attempt of network penetration.

    This means if I give you permission after you ask me, keep it to yourself. This is not a game, but a true case study, which I can not stress enough.

    regards,
    Pooh Sun Tzu

  2. #2
    Senior Member
    Join Date
    Oct 2003
    Posts
    707
    Just curious PST is there anything that people are not allowed to do when trying to break into your system ? DoS ? DDoS ?

    Just wondering ....

    But overall sounds very interesting. Can't wait to see the results.
    Operation Cyberslam
    \"I\'ve noticed that everybody that is for abortion has already been born.\" Author Unknown
    Microsoft Shared Computer Toolkit
    Proyecto Ututo EarthCam

  3. #3
    Senior Member
    Join Date
    Aug 2003
    Posts
    1,018
    There was a really good thread awhile back where a bunch of people from AO got suckered into hacking into a box where thay had no good reason to be (hopefully someone will link to it...I don't remember enough about it to find it again)

    Anyway...how do you propose to prove that the box is yours? Because you give out an IP number via PM? If I wanted help hacking into a box, and wanted to keep it low key, I would only tell 2 people at a time.

    I really do applaud the effort...I would be interested in the results also...I just don't know how you can difinitively prove you own the box? And how do you prove your ISP is ok with it?

    You know, once biten, twice shy...

  4. #4
    Anyway...how do you propose to prove that the box is yours? Because you give out an IP number via PM? If I wanted help hacking into a box, and wanted to keep it low key, I would only tell 2 people at a time.

    No big deal If you don't believe it is me, then no worries and don't apply for it.

    I just don't know how you can difinitively prove you own the box? And how do you prove your ISP is ok with it?
    Let's see. All of my image hosting that I post on the boards comes from that IP, and moderators could verify that as my posting IP. Now this isn't something I need to prove to you You either accept it or you don't. Sound shady? That's fine. But seeing the history of the person asking should give you a very fine idea of how that person acts, and what kind of posts they make.

    Don't get me wrong, I'm not attempting to be shady here. But how on earth can I prove it is my IP? I know. Tell you what. If you decide to join, I'll prove it by hosting an image of whatever you ask. I'll change the image numerous times if that pleases you.


    Just curious PST is there anything that people are not allowed to do when trying to break into your system ? DoS ? DDoS ?
    Anything is allowed, so long as you stick to one IP address. This way I can monitor the logs properly along with the whitepaper release, and so my ISP knows who is parcitipating. That does, by nature, remove DDoS, since it requires multiple IP addresses. DoS itself is fine. One IP, anything goes. The moment you use a 2nd IP, I will block all IP's dealing with you and report it.

  5. #5
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,534
    PST
    You are setting it as a white paper? will you be able to post results here, with possibly concurrent statements ? ie, your M/C, time and your responses, set against the incoming attempts, also timed etc. Ideally so we / I can read it as a form of text book chapter ??
    ie
    Time 00:23:32 GMT firewall detected first anomaly. Against the attackers log of the same time,
    so we could see attack and defence played out. Possibly with comments from either side as to what is happening and what is now expected and why?
    I ask as a newcomer to IT, hoping to make sense of what I can, and at present, feeling only that I'm tip toeing in the shallows and already feeling out of my depth.
    I'm sorry if this is a bit dumb? or maybe this is a precis of what a white paper report is??
    either way I'm interested in this as an exercise.
    so now I'm in my SIXTIES FFS
    WTAF, how did that happen, so no more alterations to the sig, it will remain as is now

    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

  6. #6
    Senior Member
    Join Date
    Jun 2003
    Posts
    723
    What services will you be running?
    Do unto others as you would have them do unto you.
    The international ban against torturing prisoners of war does not necessarily apply to suspects detained in America\'s war on terror, Attorney General John Ashcroft told a Senate oversight committee
    -- true colors revealed, a brown shirt and jackboots

  7. #7
    Interesting idea and point of view, so I have realised I. I will be requiring white papers of the two people conducting in the test, and may as well save all log files of my own to compare it against.

    So yes, I will be doing that Didn't even think about adding my own log information to it.

  8. #8
    AO Part Timer
    Join Date
    Feb 2003
    Posts
    331
    Prove the box is yours, give me the rules (if any), and I'll throw down. I mean the least I could tell you is that I couldn't get in. For your case to proven however, are you gonna set up a *nix box for the same project?

    I'll give you any info on what I do to case the joint, and if success is an end result, I'll tell you how I busted in.

    I do strongly suggest not allowing and type of DoS because that is kinda lame.

    Any hint on the services, or do we get to figure that one out?

    Be safe and stay free
    Your heart was talking, not your mind.
    -Tiger Shark

  9. #9
    Dopey, sent a PM to you, check your box please.

  10. #10
    Antionline Herpetologist
    Join Date
    Aug 2001
    Posts
    1,165
    OK, I'll bite. Considering that I've spoken to PST in IRC, I trust that this box is legit. Give me your IP and I'll see what I can do.

    Cheers,
    cgkanchi

    EDIT: Are spoofed IP's/proxies etc. allowed? Also, is the XP box running a firewall?

    EDIT2: Could you put some kind of script or something up to say how many IP's are currently attacking the box? Like HTTP or something?
    Buy the Snakes of India book, support research and education (sorry the website has been discontinued)
    My blog: http://biology000.blogspot.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •