Exploit devastates WinNT/2K security
Exploit devastates WinNT/2K security By Thomas C. Greene, The Register An application called SMBRelay, written by The Cult of the Dead Cow's Sir Dystic, exploits a design flaw in the SMB (Server Message Block) protocol on Win NT/2K boxes, easily enabling an attacker to interpose himself between the client and the server. http://www.securityfocus.com/templates/article.html?id=195 -- -- ----/ / _ Fred A. Miller ---/ / (_)__ __ ____ __ Systems Administrator --/ /__/ / _ \/ // /\ \/ / Cornell Univ. Press Services -/____/_/_//_/\_,_/ /_/\_\ fm@cupserv.org
<color><param>0100,0100,0100</param>On 23 Apr 2001, at 14:18, Fred A. Miller wrote: <color><param>7F00,0000,0000</param>> Exploit devastates WinNT/2K security
By Thomas C. Greene, The Register
--
--
----/ / _ Fred A. Miller
---/ / (_)__ __ ____ __ Systems Administrator
--/ /__/ / _ \/ // /\ \/ / Cornell Univ. Press Services
-/____/_/_//_/\_,_/ /_/\_\ fm@cupserv.org
</color>More concerning than the article itself is the statements made in the discussion at the bottom. The mindset of the windows administrators is that it is not a real concern because there are ways to protect this flaw from exploitation. <bigger>"This doesn't really add anything; its simply another way to do something <color><param>0100,0100,0100</param>that has always been possible, and which is prevented by adherence to best practices" "Why would anyone leave this port unfiltered on a router anyway?" "Prevent this kinda idiocy with the built-in ipsec software that comes with win2k"<FontFamily><param>Times New Roman</param> It is this "I don't mind" attitude that allows M$ to continue to thrive with a </color><FontFamily><param>Arial</param><smaller>substandard product. The systems should be secure by nature, not secure once you apply all the recommended updates and patches, and tweak the entire network to protect the few hosts that need to be secure. These are my thoughts, what are yours? ~Dale <nofill> ________________________________ Dale Schuster MIS Manager Lake Tahoe Horizon Casino Resort dschuster@horizoncasino.com
You're right. IMO systems should be secure by nature... /Jon [OT] - Would you please *not* send messages as html? It's kinda hard reading ;) - Have a look: On Monday 23 April 2001 22:50, you wrote:
<color><param>0100,0100,0100</param>On 23 Apr 2001, at 14:18, Fred A. Miller wrote:
<color><param>7F00,0000,0000</param>> Exploit devastates WinNT/2K security
By Thomas C. Greene, The Register
http://www.securityfocus.com/templates/article.html?id=195
--
--
----/ / _ Fred A. Miller
---/ / (_)__ __ ____ __ Systems Administrator
--/ /__/ / _ \/ // /\ \/ / Cornell Univ. Press Services
-/____/_/_//_/\_,_/ /_/\_\ fm@cupserv.org
</color>More concerning than the article itself is the statements made in the discussion at the bottom. The mindset of the windows administrators is that it is not a real concern because there are ways to protect this flaw from exploitation.
<bigger>"This doesn't really add anything; its simply another way to do something <color><param>0100,0100,0100</param>that has always been possible, and which is prevented by adherence to best practices"
"Why would anyone leave this port unfiltered on a router anyway?"
"Prevent this kinda idiocy with the built-in ipsec software that comes with win2k"<FontFamily><param>Times New Roman</param>
It is this "I don't mind" attitude that allows M$ to continue to thrive with a </color><FontFamily><param>Arial</param><smaller>substandard product. The systems should be secure by nature, not secure once you apply all the recommended updates and patches, and tweak the entire network to protect the few hosts that need to be secure.
These are my thoughts, what are yours?
~Dale
<nofill> ________________________________
Dale Schuster MIS Manager Lake Tahoe Horizon Casino Resort dschuster@horizoncasino.com
participants (3)
-
Dale Schuster
-
Fred A. Miller
-
Jon Clausen