Subject: Re: Privacy Concerns with Office?? What about this!?
From: Attonbitus Deus (thor HAMMEROFGOD.COM)
Date: Thu Aug 31 2000 - 12:52:25 CDT

If this worked in the tests you performed through a firewall, then the
firewalls were not configured to block NetBIOS; a very careless (as you have
illustrated!) mistake on the part of the admin.

This is indicative of a growing problem I am seeing with firewall configs.
Admins are configuring proxies and firewalls to block what they don't want,
as opposed to the proper way of blocking everything by default, and only
allowing in what you need. Of course, the proper way takes more work, but
that is life.

I do agree though that the 'web bug' just now getting a little press is
strange. This has been available (and used) for years now, and is being
used by many companies as a standard (well, maybe not a STANDARD) of
tracking when documents are opened on the outside.

If your test facilities are indeed letting NetBIOS traffic through in this
manner, then there are FAR worse things that you could do than the
(comparatively) trivial capture of the username and password. (Search Bt on
"Word" and "Access" to see a few).

----------------------------------------------------------------
Attonbitus Deus
thor
hammerofgod.com
----- Original Message -----
From: "Loschiavo, Dave" <DLoschiavo FRCC.CC.CA.US>
To: <FOCUS-MS SECURITYFOCUS.COM>
Sent: Thursday, August 31, 2000 6:00 AM
Subject: Privacy Concerns with Office?? What about this!?
> Recently there's been news about a way to track who reads a Word document.
> Here's a URL (which may be wrapped)
> http://www.privacyfoundation.org/advisories/advWordBugs.html that details
> the issue.
>
> What I don't understand is why this is getting news, and the fact that
> something very similar could hand someone enough information to gain your
> userid and password is not. Here's a URL detailing the "Network File Resource
> Vulnerability". Which also may be wrapped.
> http://archives.neohapsis.com/archives/win2ksecadvice/2000-q1/0201.html I
> have tested some of the methods used in this link (on people behind
> firewalls) and it works like a charm.
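
The default-deny point made in the reply above, as an added example that is not part of the original thread: a small first-match rule evaluator that reports which NetBIOS ports (UDP 137/138, TCP 139) each policy lets through. The rule format, policy names and sample rules are all constructed for illustration and do not model any particular firewall product.

```python
from dataclasses import dataclass

# NetBIOS name, datagram and session services.
NETBIOS = {("udp", 137), ("udp", 138), ("tcp", 139)}

@dataclass(frozen=True)
class Rule:
    action: str   # "allow" or "deny"
    proto: str    # "tcp", "udp" or "any"
    ports: range  # destination ports covered by this rule

@dataclass(frozen=True)
class Policy:
    name: str
    rules: tuple
    default: str  # action taken when no rule matches

    def decide(self, proto, port):
        # First matching rule wins; otherwise the default applies.
        for r in self.rules:
            if r.proto in (proto, "any") and port in r.ports:
                return r.action
        return self.default

def netbios_exposure(policy):
    """Return the NetBIOS (proto, port) pairs the policy lets through."""
    return sorted(p for p in NETBIOS if policy.decide(*p) == "allow")

# Constructed "block what you don't want" policy: only services the admin thought of.
BLOCKLIST = Policy("default-allow", (
    Rule("deny", "tcp", range(23, 24)),      # telnet
    Rule("deny", "tcp", range(6000, 6064)),  # X11
), default="allow")

# Same policy after someone adds a single rule for the NetBIOS session port.
PATCHED = Policy("default-allow-patched",
                 BLOCKLIST.rules + (Rule("deny", "tcp", range(139, 140)),),
                 default="allow")

# Constructed "allow only what you need" policy.
ALLOWLIST = Policy("default-deny", (
    Rule("allow", "tcp", range(25, 26)),    # SMTP
    Rule("allow", "udp", range(53, 54)),    # DNS
    Rule("allow", "tcp", range(80, 81)),    # HTTP
    Rule("allow", "tcp", range(443, 444)),  # HTTPS
), default="deny")

if __name__ == "__main__":
    for pol in (BLOCKLIST, PATCHED, ALLOWLIST):
        print(pol.name, "passes NetBIOS on:", netbios_exposure(pol) or "nothing")
```

The patched blocklist still passes the two UDP services, while the default-deny policy blocks all three without ever naming NetBIOS.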