Showing Need for Security - Eye Popping Examples wanted

[Tony Wasson]

Greetings PLUG readers,

I am working on giving a security presentation to several medical offices.
New federal laws will require 'reasonable security measures' when handling
medical records (google search on HIPAA). I want to demonstrate some very
nasty and quick exploits to show that the threats are real. Many offices
will look at buying new billing packages before the end of 2004 to support
additional per user auditing features, and I'd love to put more offices onto
Linux. I'd also like to hear about medical billing packages that will run on
Linux. (Yes I know about http://www.linuxmednews.com/)

Here's my exploit demonstration game plan:
1) Run Netcat in listener mode on my demo PC.
2) Run IIS5HACK against a Windows 2000 server.
3) Show the Windows 2000 command prompt in my Netcat with no security
limitations.
4) Copy over the NT Rootkit and 'deploy' it.
5) Show that I am 'invisible' when connected to the Rootkit (netstat output)

What do you recommend I demonstrate? Most offices I've seen are running
Windows 9x for clients and a Win NT/2000 server. Some run ancient *NIX boxes
and terminals. My clients are running Debian GNU/Linux servers. ;-)

Most medical offices have internet connectivity, but it is usually dialup in
the doctor's office. I am going to play the part of a disgruntled employee
whose going to compromise their system.

Thanks in advance for your input!
Tony Wasson