Date: Wed, 19 May 1999 12:37:26 +0930 (CST) From: Kris Kennaway <kkennawa@physics.adelaide.edu.au> To: Steve Price <sprice@hiwaay.net> Cc: freebsd-chat@freebsd.org Subject: Re: how secure is NT? Message-ID: <Pine.OSF.4.10.9905191228150.10095-100000@bragg> In-Reply-To: <Pine.OSF.4.10.9905181322250.8039-100000@fly.HiWAAY.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 18 May 1999, Steve Price wrote: > I just got the strangest request. Today while at a customer's > facility I was given the IP address of an NT box and was asked > to try to break into it. All he told me about the box was that > it was using NT 4.0 and was running a VPN. Does anyone have any > ideas or pointers to known NT exploits? Reading the NT service pack changelogs should give you a good idea of which DoS/exploit bugs were fixed in each. In particular, there was a FTP buffer overflow fixed in the most recent SP5 which potentially allows remote access (there's probably a shell script around which takes care of this). You mentioned VPN - if it's Microsoft's PPTP, then you're in luck - see http://www.counterpane.com/pptp.html. Microsoft's implementation of PPTP is so badly broken that anyone considering using it in a real network should be taken into a back room and quietly pummeled until they change their mind. Kris ----- "That suit's sharper than a page of Oscar Wilde witticisms that's been rolled up into a point, sprinkled with lemon juice and jabbed into someone's eye" "Wow, that's sharp!" - Ace Rimmer and the Cat, _Red Dwarf_ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.OSF.4.10.9905191228150.10095-100000>