[unisog] Windows 2000 break-ins

Thomas J. Kelly tkelly at fau.edu
Mon Sep 9 11:52:05 GMT 2002


We've had a few XDCC expolits including an NT4 box.  A weak password on
a 
user with Admin rights appeared to the the method.

Curtis Kline wrote:
> 
> Has anyone seen these IRC-backdoor kinds of attacks on any other
> operating systems, specifically XP Home or Pro?
> 
> Curtis
> 
> ______________________________________
> Curtis Kline
> Residential Network Coordinator
> University of California Santa Barbara
> 805.893.4016 Voice
> 805.893.4766 FAX
> 
> 
> + -----Original Message-----
> + From: Gary Flynn [mailto:flynngn at jmu.edu]
> + Sent: Thursday, September 05, 2002 2:50 PM
> + To: unisog at sans.org
> + Subject: [unisog] Windows 2000 break-ins
> +
> +
> +
> + A few months ago, there was a spate of break-ins that
> + involved IRC floods and backdoor trojans. I believe that
> + weak or nonexistent Administrator passwords were
> + thought to be partially at fault.
> +
> + I just ran across a Microsoft security bulletin warning
> + of a new spate of what looks to me to be similar incidents.
> + Anyone seeing anything?
> +
> http://support.microsoft.com/default.aspx?scid=kb;en-us;Q328691
> 
> --
> Gary Flynn
> Security Engineer - Technical Services
> James Madison University
> 
> Please R.U.N.S.A.F.E.
> http://www.jmu.edu/computing/runsafe

-- 
Thomas J. Kelly, P.E.			        KG4AKO
Engineer, College of Engineering		Phone   (561)-297-3489
Florida Atlantic University		        Fax     (561)-297-2659
Systems Administrator and Robotics Center Engineer
777 Glades Road, SE43/150
Boca Raton, FL 33431	http://www.eng.fau.edu/



More information about the unisog mailing list