Microsoft executive calls the ease with which two British e-crime specialists managed to hack into a Windows XP computer as both "enlightening and frightening." The demonstration took place Monday at an event sponsored by Get Safe Online--a joint initiative of the U.K. government and industry. At the event, which was aimed at heightening security awareness among small businesses, two members of the U.K. government intelligence group Serious Organized Crime Agency connected a machine running Windows XP with Service Pack 1 to an unsecured wireless network. The machine was running no antivirus, firewall, or anti-spyware software and contained a sample target file of passwords to be stolen.
Microsoft XP SP1 Hack "frightening" [news.com]
Why would anyone continue to use XP SP1?
The machine was running no antivirus, firewall, or anti-spyware software and contained a sample target file of passwords to be stolen.
Getting onto the unsecured wireless network, pinging possible IP addresses of other computers on the network, finding Andy's unpatched computer, scanning open ports for vulnerabilities, using the attack tool to build an exploit, and using the malware to get into the XP command shell took six minutes.
I'd be thoroughly embarrassed if it took me that long! Let's see... A max of 253 addresses need pinging; a dozen, maybe two, ports need to be scanned; exploits wouldn't be built "on-the-fly," they'd be "pre-rolled"; TFTPing a file is trivial & fast.
"Attack tools"? A very popular & cheap FTP program - used by many here at WebmasterWorld - has a "ProPack" add-on that has the "tools" needed for the job.
Uh, I'm stoopid... How would antivirus/spyware help in this case? Rhetorical question, as we all know they wouldn't help - the objective of the hack was theft, not infection.
Patched or unpatched means nothing to those who know what "zero day exploit" means.
The only thing about the article that I found scary was Microsoft admitting to being "enlightened" - C'mon! It's almost 2008! Have you had your heads up your hole in the ground since Bill discovered the 'net?
They should've used a fully patched machine with a firewall, antivirus and spyware remover. Still possible, might've taken longer, but message would have been stronger.
[edited by: Visit_Thailand at 6:39 am (utc) on Nov. 21, 2007]
Plus of course we only have their word for it that it was password protected, even though we all know that if it falls into the wrong hands a password protected file will be impossible to get into! ;-)
[edited by: Visit_Thailand at 11:45 pm (utc) on Nov. 22, 2007]