[ISN] c4i-pro Network Vulnerability Exploitations (fwd)
From: William Knowles (wk C4I.ORG)
Date: Mon Jul 03 2000 - 16:21:08 CDT
From another list I am on. If anyone feels like helping this
gentleman, please contact him directly.
William Knowles
wk c4i.org
---------- Forwarded message ----------
Date: Mon, 3 Jul 2000 16:49:09 -0400
From: "Benedict, Dale M Mr HQ INSCOM" <dmbene2 vulcan.belvoir.army.mil>
To: "'c4i-pro stl.nps.navy.mil'" <c4i-pro stl.nps.navy.mil>
Cc: "Benedict, Dale M GS-13 IOVAD" <dmbene2 LIWA.belvoir.army.mil>
Subject: c4i-pro Network Vulnerability Exploitations
Greetings, all. The list appears to have been quiet for a while, so
how about some questions that we would like to interject into our
INFOSEC training?
Based on your experiences or knowledge, can any of you C4I
professionals provide any feedback on questions regarding these
relatively common network vulnerabilities, or point me to a site that
would have these listed?
Here is a set of questions for us to consider:
1. Can the particular network vulnerability be exploited by an outside
adversary (or trusted insider)?
2. When, to your knowledge, has this particular network vulnerability
been exploited?
3. Who, if known, has exploited this particular network vulnerability?
4. What level of adversary (i.e., hacker) can perform this
exploitation, and what tools/training are required?
Here is a set of possibly 'common' vulnerabilities:
1. "SMTP VRFY buffer overflow can crash or obtain access"
2. "SMTP HELO buffer overflow can crash or obtain access"
3. "SMTP EXPN command"
4. "SMTP host possibly vulnerable"
5. "SMTP server allows fake hostnames in HELO"
6. "SMTP verify (VRFY) command can be used to validate users"
7. "FTP PASV port denial of service attack"
8. "LDAP anonymous access to directory"
9. "LDAP null base returns information"
10. "Sendmail %style blind relaying can be used to obfuscate the origin
of e-mails"
11. "Anonymous FTP enabled"
12. "HTTP proxy detected"
13. "HTTP proxy penetrated"
14. "ICMP timestamp requests"
15. "NNTP posting"
16. "NNTP reading"
17. "Traceroute can be used to map network topologies"
If any of you have seen anything on these, please point the way, share
your experiences, and/or drop me a line.
Thanks.
Dale M. Benedict
IOVAD, LIWA
Fort Belvoir, VA 22060
DSN 235-1606
Comm (703) 706-1606
ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV SecurityFocus.com with a message body of "SIGNOFF ISN".