('binary' encoding is not supported, stored as-is) All, I have a customer whose company does legal work for lots of businesses. The data housed on their network is what I would call 'financially sensitive'. Recently, I found their Exchange server had been turned into an open relay. It was not that way a month ago.Once I stopped the bleeding, I told them I wanted to change the Administrator password, (NT4.0, Exch5.5. I know, I know). They told me they were not allowed to change the password. "Sez WHO", I asked. "Our software vendor", they replied. Turns out the vendor in question has a niche market in this kind of legal field. Also turns out they use the same 4-letter, (no caps, no special chars), administrator password on ALL their customers networks. To make matters worse, they have PCAnyWhere ports open on all these networks, because their software is so buggy, the developers need to remote in and fix things all the time. The spokesman for the group claims that the AT&T managed firewall prevents anyone else from using the PCNoWhere ports by IP address. I'm not a great negotiator, and I'm going to face the SW spokesman next week. He is a good spin doctor. I'm looking for help in making him secure his stuff. All help is appreciated. Jeff Peterson BTIIS --------------------------------------------------------------------------- Captus Networks - Integrated Intrusion Prevention and Traffic Shaping - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Automatically Control P2P, IM and Spam Traffic - Ensure Reliable Performance of Mission Critical Applications - Precisely Define and Implement Network Security and Performance Policies **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo Visit us at: http://www.securityfocus.com/sponsor/CaptusNetworks_incidents_030814 ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Sat Aug 16 2003 - 13:17:08 PDT