electro-music.com   Dedicated to experimental electro-acoustic
and electronic music 		 
    Front Page  |  Radio
 |  Media  |  Forum  |  Wiki  |  Links
Forum with support of Syndicator RSS
 FAQFAQ   CalendarCalendar   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   LinksLinks
 RegisterRegister   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in  Chat RoomChat Room 

 Forum index » News... » Apple Computers
More on the "30 minutes" - ZDNET scare
Post new topic   Reply to topic
Page 1 of 1 [3 Posts]		 View unread posts
View new posts in the last week
Mark the topic unread :: View previous topic :: View next topic
Author Message
elektro80
Site Admin


Joined: Mar 25, 2003
Posts: 21959
Location: Norway
Audio files: 14
PostPosted: Wed Mar 08, 2006 4:39 am    Post subject: More on the "30 minutes" - ZDNET scare
Subject description: University of Wisconsin takes a closer look		 Reply with quote  Mark this post and the followings unread
Dave Schroeder at the University of Wisconsin takes a closer look at the "Mac OS X hacked in under 30 minutes" report.


Mac OS X Security Test
_________________
A Charity Pantomime in aid of Paranoid Schizophrenics descended into chaos yesterday when someone shouted, "He's behind you!"

MySpace
SoundCloud
Flickr
Back to top
View user's profile Send private message Visit poster's website
brinxmat



Joined: Oct 24, 2005
Posts: 262
Location: Norway
PostPosted: Wed Mar 08, 2006 5:30 am    Post subject: Reply with quote  Mark this post and the followings unread
OK: The original MacMini was runing OS X 10.3, and the user had an account.

How about this: http://www.rixstep.com/1/20060306,00.shtml

Another thing: you know what the OS is in either test; if the machine has been locked down properly, it won't happily announce its OS in the "Welcome to Darwin!" fashion, so you won't necessarily know which holes to look for. My box won't anyway, it will tell you among onther things on login that it is an "insecure heap of blancmange".

Mind you, IIS has a tendency to do this, even if you get a 404.

See http://www.insecure.org/nmap/man/
_________________
-- Say "&Eth;onne hit wæs hrenig weðer"
Back to top
View user's profile Send private message
elektro80
Site Admin


Joined: Mar 25, 2003
Posts: 21959
Location: Norway
Audio files: 14
PostPosted: Wed Mar 08, 2006 5:42 am    Post subject: Reply with quote  Mark this post and the followings unread
brinxmat wrote:
OK: The original MacMini was runing OS X 10.3, and the user had an account.

How about this: http://www.rixstep.com/1/20060306,00.shtml


Yes, I know this one.

brinxmat wrote:
Another thing: you know what the OS is in either test; if the machine has been locked down properly, it won't happily announce its OS in the "Welcome to Darwin!" fashion, so you won't necessarily know which holes to look for. My box won't anyway, it will tell you among onther things on login that it is an "insecure heap of blancmange".

Mind you, IIS has a tendency to do this, even if you get a 404.

See http://www.insecure.org/nmap/man/


Yes, it is fairly easy to figure out what the various boxes are running by scanning with something like nmap.
_________________
A Charity Pantomime in aid of Paranoid Schizophrenics descended into chaos yesterday when someone shouted, "He's behind you!"

MySpace
SoundCloud
Flickr
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic
Page 1 of 1 [3 Posts]		 View unread posts
View new posts in the last week
Mark the topic unread :: View previous topic :: View next topic
 Forum index » News... » Apple Computers
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Forum with support of Syndicator RSS
Powered by phpBB © 2001, 2005 phpBB Group
Copyright © 2003 through 2009 by electro-music.com - Conditions Of Use