Open udp netbios ports.

technomage plug-discuss@lists.plug.phoenix.az.us
Sat, 15 Mar 2003 17:09:44 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

and this is WHY I've been looking for a job in this field. I never assume the 
system is secure (I know, I've found out the hard way just how easy it is to 
get a rootkit in to a box).

unfortunately, it seems my resume is often looked at and discarded (I never 
hear back from any one, with only 2 exceptions).

so.....

someone willing to give a visually impaired linux guru a break?

Technomage

On Saturday 15 March 2003 09:03 am, Dennis Davis wrote:
> It's amazing, spend all that money for good equipment and then don't
> configure it correctly due to some dullard decison maker who knows
> nothing about networking and security.
>
> That business will most likely have a new  remote silent partner running
> their business in the next few days.
>
> My thoughts before coffee.....
>
> Dennis
>
> David Mandala wrote:
> >You have a pretty good start on a totally secure machine but I disagree
> >on a few details, to get a totally secure machine you need to put it in
> >a steel and concrete  vault, in there build a 10'x10'x10' form and fill
> >it with rebar steel, pour it 1/2 full of concrete then place the
> >computer in the center of mass and finish filling the form. When done
> >and concrete is hardened for at least a week you may have a totally
> >secure computer, but it could be cracked if someone was stubborn enough
> >and had enough time with a jackhammer. But the vault steel doors and
> >guards should stop the time and access required.
> >
> >Cheers,
> >
> >Davidm
> >
> >(-;
> >
> >On Sat, 2003-03-15 at 04:02, technomage wrote:
> >>-----BEGIN PGP SIGNED MESSAGE-----
> >>Hash: SHA1
> >>
> >>who is this "nutbar" who thinks they are totoally secure? I'd like to
> >> know so that I can avoid meeting him unless I have reason to.
> >>
> >>totally secure = power supply isolated, non-networked machine behind 2
> >> layers of steel doors and lots of guards.
> >>
> >>anything else is debatable.
> >>
> >>Technomage
> >>
> >>On Saturday 15 March 2003 03:17 am, Entelin wrote:
> >>>I have a client I am trying to convince to install a firewall, (eather
> >>>iptables or preferably cisco PIX). They have practicly every service
> >>>under the sun open, the only reason their tcp netbios ports are closed
> >>>is because cox filters them. The only reason I am having to convince
> >>>them of anything is because they have another linux tech working for
> >>>them and he is somehow convinced that they are completely secure "at the
> >>>deamon level" wrote a big email to my client saying they dident need to
> >>>install a firewall, or even close totaly unused ports on their box!
> >>>(they even had echo and chargen open before I at least convinced them to
> >>>close those ie: forged packet between echo and chargen = storm).
> >>>nevermind the two root exploits their sendmail is at risk for. and the
> >>>password sniffing of their login,telnet etc.. god..
> >>>
> >>>ANYWAY sorry for that rant. back on topic I was wondering if I could do
> >>>anything with these udp ports in absence of the filtered tcp netbios
> >>>ports. ? as in gain any kind of access or DoS.
> >>>
> >>>137/udp    open        netbios-ns
> >>>138/udp    open        netbios-dgm
> >>>139/udp    open        netbios-ssn
> >>>
> >>>Thanks :)
> >>>
> >>>---------------------------------------------------
> >>>PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> >>>To subscribe, unsubscribe, or to change  you mail settings:
> >>>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >>
> >>- --
> >>I will not be pushed, filed, stamped, indexed, briefed, debriefed, or
> >>numbered!
> >>My life is my own - No. 6
> >>-----BEGIN PGP SIGNATURE-----
> >>Version: GnuPG v1.0.7 (GNU/Linux)
> >>
> >>iD8DBQE+cwhOn/usgigAaLcRAs79AJ9Tty91a3ZorlD3pgKL9dBRRJSSzACeKW4U
> >>6v2lRe90Uh6uuJYQKty5ihg=
> >>=hUiC
> >>-----END PGP SIGNATURE-----
> >>
> >>---------------------------------------------------
> >>PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> >>To subscribe, unsubscribe, or to change  you mail settings:
> >>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change  you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

- -- 
I will not be pushed, filed, stamped, indexed, briefed, debriefed, or 
numbered!
My life is my own - No. 6
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE+c8DIn/usgigAaLcRAn6NAKCC9JCgoBRAK7Ei0AVirLz3kQ5E/wCggW4i
HvIjX1FkdEynSkCaGsi/xuo=
=SB0u
-----END PGP SIGNATURE-----