From: Boekelman, J. (J.BoekelmanGWA.NL)
Date: Fri Aug 10 2001 - 07:43:11 CDT

    Look at

    http://www.compaq.com/support/files/server/us/download/9608.html

    Best regards,

    John Boekelman
    System Administrator
    Gemeentewaterleidingen Amsterdam
    E-Mail: J.Boekelmangwa.nl

    -----Original Message-----
    From: Tyler Rosolowski [mailto:tyler.rosolowskiGORILLA.CO.NZ]
    Sent: Thursday, August 09, 2001 2:29 PM
    To: win2ksecadviceLISTSERV.NTSECURITY.NET
    Subject: Compaq Web-based Management

    More a heads up than an announcement.

    We have recently discovered a client's server, exposed to the internet,
    is running the Compaq web-based administration HTTP server/agents on
    port 2301.

    The web server gives every minute detail of the server, as reported by
    the Compaq Insight agents, including serial number of the box, RAID
    config, and logical drive names, free space, OS+SP level, server admin
    name, IP addresses, RAM/CPU details, POST/log errors (including bug check
    info) etc.

    All these details can be seen with the anonymous access. With the
    default username/password for administrator being
    administrator/administrator, you can also restart the server, to either
    the management tools, or just a cold/warm boot.

    I did a brief scan of a local ISP, and found 15 boxes, all with default
    logons out of 500 hosts, so it seems quite a common setup error which
    would give hackers a lot of useful information about your
    server/networks and allow a denial of service attack by rebooting your
    server to the utilities.

    Tyler Rosolowski - Gorilla Technology Ltd
    Mobile: 029-263 6501
    http://www.gorilla.co.nz

    _____________________________________________________________________
    ** TO UNSUBSCRIBE, send the command "UNSUBSCRIBE win2ksecadvice"
    ** FOR A WEEKLY DIGEST, send the command "SET win2ksecadvice DIGEST"
    SEND ALL COMMANDS TO: listservlistserv.ntsecurity.net
