Author |
Message |
elektro80
Site Admin
Joined: Mar 25, 2003 Posts: 21959 Location: Norway
Audio files: 14
|
Posted: Wed Mar 08, 2006 4:39 am Post subject:
More on the "30 minutes" - ZDNET scare Subject description: University of Wisconsin takes a closer look |
|
|
Dave Schroeder at the University of Wisconsin takes a closer look at the "Mac OS X hacked in under 30 minutes" report.
Mac OS X Security Test _________________ A Charity Pantomime in aid of Paranoid Schizophrenics descended into chaos yesterday when someone shouted, "He's behind you!"
MySpace
SoundCloud
Flickr |
|
Back to top
|
|
|
brinxmat
Joined: Oct 24, 2005 Posts: 262 Location: Norway
|
Posted: Wed Mar 08, 2006 5:30 am Post subject:
|
|
|
OK: The original MacMini was runing OS X 10.3, and the user had an account.
How about this: http://www.rixstep.com/1/20060306,00.shtml
Another thing: you know what the OS is in either test; if the machine has been locked down properly, it won't happily announce its OS in the "Welcome to Darwin!" fashion, so you won't necessarily know which holes to look for. My box won't anyway, it will tell you among onther things on login that it is an "insecure heap of blancmange".
Mind you, IIS has a tendency to do this, even if you get a 404.
See http://www.insecure.org/nmap/man/ _________________ -- Say "&Eth;onne hit wæs hrenig weðer" |
|
Back to top
|
|
|
elektro80
Site Admin
Joined: Mar 25, 2003 Posts: 21959 Location: Norway
Audio files: 14
|
Posted: Wed Mar 08, 2006 5:42 am Post subject:
|
|
|
Yes, I know this one.
brinxmat wrote: | Another thing: you know what the OS is in either test; if the machine has been locked down properly, it won't happily announce its OS in the "Welcome to Darwin!" fashion, so you won't necessarily know which holes to look for. My box won't anyway, it will tell you among onther things on login that it is an "insecure heap of blancmange".
Mind you, IIS has a tendency to do this, even if you get a 404.
See http://www.insecure.org/nmap/man/ |
Yes, it is fairly easy to figure out what the various boxes are running by scanning with something like nmap. _________________ A Charity Pantomime in aid of Paranoid Schizophrenics descended into chaos yesterday when someone shouted, "He's behind you!"
MySpace
SoundCloud
Flickr |
|
Back to top
|
|
|
|