|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Dailydave] A dumb question
From: Josiah Wilkinson (josiah.wilkinson
gmail.com)
Date: Mon Sep 25 2006 - 07:31:41 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
If they were ever successful in bypassing your firewall, they could have
used netbios enumeration, perhaps using a null session as discussed here:
http://www.brown.edu/Research/SysAdmins/articles/netbios_null_sessions.html
I'd double-check your firewall for any possible means of bypassing it -
telnet, http, ssh open to world? Also, check what IPs are hitting your
boxes, I'd guess there's a good chance they're international - if you don't
have any international users, block those IP ranges...
On 9/25/06, Robert Frailey <rfraileyutahmed.com> wrote:
>
> The hackers nightly hit my microsoft windows 2003 servers. In the
> sercurity
> log i see an entry for anonymous then half a dozen failed login attempts.
> What bothers me is they've been trying my login name and my web masters
> login name for that perticular server. All have been unsuccessful but how
> did they get the login names.
>
> Rob
>
>
> _______________________________________________
> Dailydave mailing list
> Dailydavelists.immunitysec.com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
>
--
Josiah Wilkinson
CISSP, MCSE, CCNA
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]