OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Djohn & John the Ripper

From: netsecurity (netsecurityduracompanies.com)
Date: Wed Apr 21 2004 - 11:18:25 CDT


We recently discovered a laptop that had the client of DJohn installed
and calling "home". We've identified the IP it is calling and are
trying to crack the target password to see if it is one of ours.
We're hoping that this is just a case of someone using the parallel
processing power of someone else's computer to crack a 3rd party
password.

What we're most concerned about is how the client got onto the laptop
to begin with. We're behind a Checkpoint FW and when the laptop is
used off site it is also behind a FW appliance. This laptop runs W2K
and has extensive software on it (belongs to a programmer) with VB,
SQL, etc with ALL MS patches installed before the discovery.

User swears he didn't download anything - which we have to take at
face value at this point.

Any thoughts, suggestions? TIA!

A.G. Taylor

_______________________
Network Security
Dura Builders
5740 Decatur Blvd.
Indianapolis, IN, 46241

(C)opyright Dura Builders, ~2004~ Indianapolis, IN, All Rights Reserved
-------------------------------------------------------------------------
The information contained in this e-mail message is confidential,
intended only for the use of the individual or entity named above.
If the reader of this e-mail is not the intended recipient, or the
employee or agent responsible to deliver it to the intended recipient,
you are hereby notified that any review, dissemination, distribution
or copying of this communication is strictly prohibited. If you have
received this e-mail in error, contact netsecurityduracompanies.com
-------------------------------------------------------------------------

---------------------------------------------------------------------------
----------------------------------------------------------------------------