[unisog] Infected windows boxes with IRC controlled trojansonthem

Gary Flynn flynngn at jmu.edu
Thu Apr 11 20:07:32 GMT 2002

Anyone know how efficient this Fluxay program is at cracking
accounts over the network? It doesn't seem to run on '98
and I don't have an NT box I can sacrifice right now.
It wouldn't seem that a network password cracker would be
near as quick as an offline cracker like l0phtcrack.
And I'd expect a fair amount of disk churning as the
Event Log gets updated with login requests.

I think I'm going to push that the "access this account
from the network" right gets removed from at least the
Administrator on all boxes. It looks like everyone has 
that right by default on NT and 2000 boxes. Not sure 
about XP. Luckily, I think I read that the Home version 
doesn't enable the C$ shares.

Gary Flynn
Security Engineer - Technical Services
James Madison University

Please R.U.N.S.A.F.E.

More information about the unisog mailing list