Re: [Full-disclosure] Need some help with management

From: Paul Schmehl (pschmehl_liststx.rr.com)
Date: Fri May 23 2008 - 11:16:45 CDT


--On Friday, May 23, 2008 11:56:15 -0400 Elazar Broad <elazarhushmail.com> wrote:

> It's not even funny how often this happens. I have a friend who does
> some consulting work for small businesses, and the number of times
> that he has come across medical practices that run their billing
> and record keeping software on the same "fully-loaded" XP box that
> their receptionist(s) use to download random crap...
>

Typical scenario - professor runs Windows XP with Skype and Google Toolbar and a
host of other "helpful" desktop applications - oh, but that's his "server" too
- running IIS and mysql - default installs, mind you - replete with cross-site
scripting and sql injection problems - and all his research with no backups -
and then gets irate because his computer gets blocked at the switch port for
policy violations.

I could go on, but you get the idea.

Why do they do it? Because they can - at least until we catch them.

How many mysql installs do you think there are worldwide, listening on the
default port, with "root@localhost", "root@FQHN", "localhost" and "FQHN" all
in the default state with no password?

--
Paul Schmehl
As if it wasn't already obvious,
my opinions are my own and not
those of my employer.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/