From owner-freebsd-chat  Tue May 18 12: 9:47 1999
Delivered-To: freebsd-chat@freebsd.org
Received: from smtp03.wxs.nl (smtp03.wxs.nl [195.121.6.37])
	by hub.freebsd.org (Postfix) with ESMTP id DBCC814E7C
	for <freebsd-chat@freebsd.org>; Tue, 18 May 1999 12:09:45 -0700 (PDT)
	(envelope-from asmodai@wxs.nl)
Received: from daemon.ninth-circle.org ([195.121.196.56]) by smtp03.wxs.nl
          (Netscape Messaging Server 3.61)  with ESMTP id AAA1C29;
          Tue, 18 May 1999 21:09:41 +0200
Received: from daemon.ninth-circle.org (abaddon@daemon [192.168.0.1])
	by daemon.ninth-circle.org (8.9.3/8.9.3) with ESMTP id VAA00499;
	Tue, 18 May 1999 21:10:09 +0200 (CEST)
	(envelope-from asmodai@wxs.nl)
Message-ID: <XFMail.990518211009.asmodai@wxs.nl>
X-Mailer: XFMail 1.3 [p0] on FreeBSD
X-Priority: 3 (Normal)
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
In-Reply-To: <Pine.OSF.4.10.9905181322250.8039-100000@fly.HiWAAY.net>
Date: Tue, 18 May 1999 21:10:09 +0200 (CEST)
Organization: Ninth Circle Enterprises
From: Jeroen Ruigrok/Asmodai <asmodai@wxs.nl>
To: Steve Price <sprice@hiwaay.net>
Subject: RE: how secure is NT?
Cc: freebsd-chat@freebsd.org
Sender: owner-freebsd-chat@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On 18-May-99 Steve Price wrote:
> I just got the strangest request.  Today while at a customer's
> facility I was given the IP address of an NT box and was asked
> to try to break into it.  All he told me about the box was that
> it was using NT 4.0 and was running a VPN.  Does anyone have any
> ideas or pointers to known NT exploits?

No Service Packs? Use standard DoS tools (see neworder.box.sk for a search
engine).

Service Pack 3 still has some DoS exploits which can only be solved by
later SP's or hotfixes, IIRC the later boink DoS's and friends.

If it runs IIS, then yer in business because it's as leak as a basket, see
BugTraq archives for information. Also see www.rootshell.com for some other
exploits for NT.

Also use default nmap for the port scans in order to get some information
about the open ports.

Have fun =)

---
Jeroen Ruigrok van der Werven                asmodai(at)wxs.nl
        The FreeBSD Programmer's Documentation Project 
Network/Security Specialist      <http://home.wxs.nl/~asmodai>
*BSD: Accept no limitations...


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message