
Thread: You Cant Hack Me!

  1. #1
    Join Date
    Oct 2006
    Posts
    9

    You Cant Hack Me!

    I work in IT for an international Fortune 500 company. Our passwords for users and admin are ridiculously simple. *0% of user passwords are either their name, their kid's names or the company name with two digits. I cracked a random sample of passwords (*00) in just under * hours. *8% percent of those cracks were done using a dictionary attack. Remember this is a HUGE company.

    Can someone tell me or estimate the odds that an outsider would try to hack us? I know a difficult question to answer, but as a newbie I'm relying on your experience and knowledge. My IT job kinda sucks and I would like to put a proposal together to improve corp security and create a new job for myself.

    Our company has firewalls, a DMZ and passwords for everything. However we have no dedicated pen test staff, no pass auditing and I really doubt anyone checks the logs....

    I would especially like to hear from you Mike*0* on this matter....thanks guys.
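
The password pattern described in the post above (a name, a child's name or the company name plus two digits) is something a password-change filter can refuse outright. This is an added example, not part of the original thread; the user record, company name, substitution map and 12-character minimum are constructed assumptions.

```python
import re

# Digit/symbol substitutions undone before matching (illustrative map, an assumption).
LEET = str.maketrans("013457@$!", "oieastasi")

def context_tokens(*values):
    """Lowercase words of 3+ letters taken from names, logins and the company name."""
    tokens = set()
    for value in values:
        tokens.update(w for w in re.split(r"[^a-z]+", value.lower()) if len(w) >= 3)
    return tokens

def letters_only(text):
    """Drop digits and symbols so appended numbers do not hide the base word."""
    return re.sub(r"[^a-z]", "", text)

def reject_reasons(candidate, tokens, min_length=12):
    """Return why a proposed password is refused; an empty list means it passes."""
    lowered = candidate.lower()
    plain = letters_only(lowered)                     # 'Acme07'  -> 'acme'
    deleeted = letters_only(lowered.translate(LEET))  # 'acm3_07' -> 'acmeot'
    reasons = []
    if len(candidate) < min_length:
        reasons.append("shorter than %d characters" % min_length)
    # Any personal or company word inside the password makes it guessable.
    hits = sorted(t for t in tokens if t in plain or t in deleeted)
    if hits:
        reasons.append("built on " + ", ".join(hits))
    return reasons

# Constructed sample data: a fictional user record and company name.
USER = {"login": "jsmith", "full_name": "Jordan Smith", "family": ["Emma", "Noah"]}
COMPANY = "Example Widgets"

def check(candidate):
    """Check one candidate against the sample user's context words."""
    tokens = context_tokens(USER["login"], USER["full_name"], COMPANY, *USER["family"])
    return reject_reasons(candidate, tokens)

if __name__ == "__main__":
    for pw in ["Emma2006", "W1dg3ts42", "jsmith99", "quiet-harbor-lantern-47"]:
        print(pw, "->", check(pw) or "accepted")
```

In use, a check like this runs when a password is set, with the token list drawn from the directory record of the account being changed.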

  2. #2
    Join Date
    Jun 2006
    Posts
    459
    why would someone want to hack you?
    7h* L**7*57 c4n7 h4ck m*!
    Proud to have quit playing ®µÑȧ©ÅÞË

    If you write like a semi-literate boob you will very likely be ignored.
    Writing like a l**t script kiddie hax0r is the absolute l**t*st way to write!
    L0L

  3. #3
    Join Date
    Oct 2006
    Posts
    9

    hack

    I would imagine someone would want access either for monetary reasons, industrial espionage, the hell of it, a disgruntled ex-employee who got caught with porn on the company issued laptop etc....how can I gauge what the odds are- can this be gauged?

  4. #4
    Join Date
    Mar 2006
    Posts
    122
    XD
    Lol, that was the funniest subject line.
    Haha, I bet if a bunch of us put our knowledge together we could own you.

    Wishful thinking-
    Toast

  5. #5
    Join Date
    Sep 2005
    Posts
    2,050
    Well the odds that someone will try to hack you are *00% - people constantly port scan IP ranges for interesting ports, and as soon as you plug in the cable to your external router, it gets port scanned fairly regularly. Your security can be compromised within hours if your software is not up to date.

    So the first place to strengthen is the initial point of communication between the internet and your internal network - this would be a standard router in home connections, but I don't know what setup you've got at a large company. A good way to strengthen the router itself is to reject ping requests from the internet - that way you at least don't get discovered by some port scans. You have to make sure that the only ports you allow incoming connections on are strictly needed; as any port you accept connections on shows up in the port scanner's logs, and presents a security risk.

    If there are servers you need to be accessible to the internet and you forward ports to them (such as a mail server -> port 25), you need to have a strict updating schedule for the software. If you have software that is *-2 years old, the attacker has a whole catalog of exploits he can use to own your box, but if you update regularly, you stay ahead of all but 0-day exploits.

    One thing neglected by security staff is internal proxies. A lot of private networks use an internal proxy between their users and the internet, so content can be filtered and slacking is prevented. But what they fail to realize is that just as the proxy allows the users to connect out to the internet, it also allows remote attackers to use it to browse the company's intranet, exposing internal servers and all the networked users. It basically opens up their network to anyone capable of entering the company's IP address and proxy port into their browser.

    Another threat is internal users. It's all very well locking down your defences, but the people already inside them can do some damage. It's trivial to get admin on Windows machines, then dump and crack the admin hash (you now have the admin password for the whole network), install a bot to drain your resources on a DDoS attack, install a reverse-connecting trojan to connect unsuspiciously on port 80 and open up your network - the list goes on.

    Yet another threat is email systems. Employees are usually dumb enough to believe social engineering, couple that with an email spoofed from admin@yourdomain.com and they can be convinced to do pretty much anything.

    So basically, every network in this day and age is vulnerable to someone willing to try hard enough. What you need to do is look at what you actually have that would be of interest to a cracker, and lock down the entry points to whatever that may be - from both inside and outside threats. Not many people will attempt to hack you unless you advertise blatantly that you have valuable data.


    I challenge you to open this up to all the members of this forum - give us details about your company and we'll assess it.
    Last edited by Ezekiel; 10-27-2006 at 06:23 PM.

  6. #6
    Join Date
    Aug 2006
    Posts
    233
    oracle, I will have to agree with mike *00% on this matter. Even by random you will get hacked sooner or later. I personally think that internal proxies will be a good way to find the way in. It will only take a little time for fancy programs to find a weakness on the server. Try to do it yourself with the latest edition of accessdiver. Also there are programs now that not only can find the exploit, but work with the cgi and exploits to get in.
    Just think for a moment, bigger and more important servers have been hacked, I'm sure any script kiddie with the right tools will be more than glad to help you out..lol.
    Nozf*r4tu
    http://www.amishrakefight.org/gfy

  7. #7
    Join Date
    Oct 2006
    Posts
    9

    hack this then

    I'm very leery about giving out too much company info for obvious reasons. I like working there. However, in the interest of trying to improve my job and help these poor suckers...I'll try to strike a balance. First no company name: If you figure it out I'm impressed. Secondly I won't intentionally give out any info that could be damaging. It's not that I don't trust the community, but the first thing I learned is not to trust anyone. I think we can all agree on that one.

    X Corp is running IIS version 6
    I believe * domain servers
    We use Win Server 200*
    SQL Server 2000
    IBM AS/400 Mainframes
    Lotus Notes mail
    Workstations run XP Professional
    LanMan hashes are not disabled
    Null sessions are not disabled
    6 DMOZ's
    Un******* and open wireless network at corporate
    AT&T Dialer is used
    I assume Apache?
    No Unix or Linux
    Onsite and offsite servers
    Passwords must be changed every *0 days min length 7 char
    All workstations either IBM or HP
    IBM and Dell servers...

    http (80/tcp)


    It seems that it's possible to disclose fragments
    of source code of your web applications which
    should otherwise be inaccessible. This is done by
    appending +.htr to a request for a known .asp (or
    .asa, .ini, etc) file.

    The remote web server itself is prone to cross-site scripting attacks.

    Let's start with this info for now....

  8. #8
    Join Date
    Sep 2005
    Posts
    2,050
    Quote Originally Posted by oraclemonster0*
    I'm very leery about giving out too much company info for obvious reasons. I like working there. However, in the interest of trying to improve my job and help these poor suckers...I'll try to strike a balance. First no company name: If you figure it out I'm impressed. Secondly I won't intentionally give out any info that could be damaging. It's not that I don't trust the community, but the first thing I learned is not to trust anyone. I think we can all agree on that one.

    X Corp is running IIS version 6
    I believe * domain servers
    We use Win Server 200*
    SQL Server 2000
    IBM AS/400 Mainframes
    Lotus Notes mail
    Workstations run XP Professional
    LanMan hashes are not disabled
    Null sessions are not disabled
    6 DMOZ's
    Un******* and open wireless network at corporate
    AT&T Dialer is used
    I assume Apache?
    No Unix or Linux
    Onsite and offsite servers
    Passwords must be changed every *0 days min length 7 char
    All workstations either IBM or HP
    IBM and Dell servers...

    http (80/tcp)


    It seems that it's possible to disclose fragments
    of source code of your web applications which
    should otherwise be inaccessible. This is done by
    appending +.htr to a request for a known .asp (or
    .asa, .ini, etc) file.

    The remote web server itself is prone to cross-site scripting attacks.

    Let's start with this info for now....
    We can't really do much unless we can take a look at your server...

    How about if you post the domain name/IP address here in an encrypted string so nobody can find your post through google? Or pm it to the active posters in this thread.

  9. #9
    Join Date
    Oct 2006
    Posts
    9

    X Corp

    Mike*0* I take your challenge....I'll give you the info if I get to learn from the experience. I believe you are looking for this:bf2e2**e8*65*6ac6f*6be8ec2bc2af*

  10. #10
    Join Date
    Sep 2006
    Posts
    1,649

    Well

    Well based on an HTS (Hack this Site) challenge and the fact you have Apache, I'm wondering whether you're using SSI or not. You could be vulnerable to an SSI injection.

  11. #11
    Join Date
    Oct 2006
    Posts
    9

    Hack

    Yes our company has SSL 2.0 and a Tenable Nessus scan shows that it is vulnerable to man in the middle attacks....

  12. #12
    Join Date
    Sep 2006
    Posts
    1,649

    no no no

    Not SSL (******* Sockets Layer), SSI (Server Side Includes).
    Here is a link to a page all about it:

    http://httpd.apache.org/docs/*.*/howto/ssi.html

    If you are vulnerable, people can execute commands (DOS commands, since you are using Windows) and can do anything from search directories to formatting.
