Ilici Ramirez wrote: > > Hi all, > > We intend to make a short demonstration of hacking as > part of a longer seminar with more than 100 IT > managers, vice-presindents, and other high-level > morons. The goal is to explain how easy is to hack an > unsecured system or network. > > For them to understand and to realize how just only an > unsecured computer could lead to compromise of an > entire business we need to show some hacking examples > real spectacular. > > So I need your help to make a top short list. I will > insert here my humble opinion, but I expect more from > all of you experienced pen-testers. > > 1. Remote VNC install - GUI session on target machine > 2. BO2K or Subseven > 3. Port redirection with fpipe - a firewall is not > always enough > 4. Remote shell with netcat > 5. Null session - information gathering with no right > > Ilici R / what is the target OS? or OSes? from point 2 it looks like you want to hit M$ boxes but you could do a linux box ie do a bind or lpd for example exploit then insert a module like http://packetstormsecurity.org/linux/modules/krnhide.c (not tried but there are a few that are similar) I seem to remember a module done by some one called optyx (I think.... I can't find a reference for that name on packetstorm) from wired news that emulated (I think) subseven or similar. you could so a compare and contrast for the ease of hacking default install win 2k and a default install linux box. or do a default install OpenBSD box and a default install Win2k box ;o) BTW I hope that none of the "other high-level morons" read or monitor this list, remember it is archived in loads of places -- ##################### Quentyn Taylor Sysadmin - Fotango ##################### ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Tue Oct 02 2001 - 11:40:49 PDT