To LUGNET HomepageTo LUGNET News HomepageTo LUGNET Guide Homepage
 Help on Searching
 
Post new message to lugnet.off-topic.debateOpen lugnet.off-topic.debate in your NNTP NewsreaderTo LUGNET News Traffic PageSign In (Members)
 Off-Topic / Debate / 2826
2825  |  2827
Subject: 
 Re: Brad Justus is real
Newsgroups: 
 lugnet.dear-lego, lugnet.off-topic.debate
Followup-To: 
 lugnet.off-topic.debate
Date: 
 Tue, 14 Dec 1999 02:11:45 GMT
Viewed: 
 54 times
  
Moving this to .debate, for lack of lugnet.off-topic.comp.risks.

On Mon, 13 Dec 1999 21:30:12 GMT, mattdm@mattdm.org (Matthew Miller)
wrote:
Jasper Janssen <jasper@janssen.dynip.com> wrote:

Why not? BO2K runs on Windows NT and Win2000 boxes. (The new version of
Netbus does too, but I'm not sure if that's publicly available yet.)

BO isn't cracking - it's carelessness on the part of the crackee.

Anyone can distribute happy99.exe, but breaking root on an up-to-CERT
unix box is something very few can do.

But if you anticipate what packets the remote side will return, you can
generate the appropriate responses. Admittedly, very difficult to do when
you're doing something complicated, but within the realm of possibility.

Hmm. Good point. And for SMTP that's within the realm of possibility.
For NNTP.. Maybe. I don't know enough about the protocol.

And, routing information may be in the packets, but it doesn't get logged,
so that's no help.

Whether it gets logged or not really depends on what you log. I know
there are packages out there that do either log, or compare the two
and go mad if they don't match.

Jasper



Message has 1 Reply:
  Re: Brad Justus is real
 
(...) Sure. But the issue isn't how it happened. The end net effect is the same -- it makes it easy to do something that's coming from someone else's box. (...) Again, true but probably not relevant -- such info certainly isn't in news server logs. (...) (25 years ago, 14-Dec-99, to lugnet.off-topic.debate, lugnet.off-topic.geek)

Message is in Reply To:
  Re: Brad Justus is real
 
(...) Why not? BO2K runs on Windows NT and Win2000 boxes. (The new version of Netbus does too, but I'm not sure if that's publicly available yet.) (...) But if you anticipate what packets the remote side will return, you can generate the appropriate (...) (25 years ago, 13-Dec-99, to lugnet.dear-lego)

43 Messages in This Thread:












Entire Thread on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact

This Message and its Replies on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact
    
Custom Search

©2005 LUGNET. All rights reserved. - hosted by steinbruch.info GbR