|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: H C (keydet89_at_yahoo.com)
Date: Sat Sep 07 2002 - 06:27:08 CDT
> It appears that (one
> of - there might be more) infection vectors is
> brute-force attack on
> administrator account, using few very simple
> passwords (and few account names).
My analysis of the "russiantopz" IRC bot was
predicated by the primary file being dumped onto an
IIS5.0 server. Seems the admins had the mistaken
notions that (a) The Windows Updates included the
patch for directory transversal, and (b) leaving
default permissions and groups in place was just fine.
__________________________________________________
Do You Yahoo!?
Yahoo! Finance - Get real-time stock quotes
http://finance.yahoo.com
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]