[unisog] Infected windows boxes with IRC controlled trojansonthem
flynngn at jmu.edu
Thu Apr 11 20:07:32 GMT 2002
Anyone know how efficient this Fluxay program is at cracking
accounts over the network? It doesn't seem to run on '98
and I don't have an NT box I can sacrifice right now.
It wouldn't seem that a network password cracker would be
near as quick as an offline cracker like l0phtcrack.
And I'd expect a fair amount of disk churning as the
Event Log gets updated with login requests.
I think I'm going to push that the "access this account
from the network" right gets removed from at least the
Administrator on all boxes. It looks like everyone has
that right by default on NT and 2000 boxes. Not sure
about XP. Luckily, I think I read that the Home version
doesn't enable the C$ shares.
Security Engineer - Technical Services
James Madison University
More information about the unisog