This hack is fun: any and all Windows boxen are insecure if you have login access.

http://security.tombom.co.uk/shatter.html

On Fri, 2002-08-09 at 12:48, Tony Wasson wrote:
> Greetings PLUG readers,
>
> I am working on giving a security presentation to several medical offices.
> New federal laws will require 'reasonable security measures' when handling
> medical records (google search on HIPAA). I want to demonstrate some very
> nasty and quick exploits to show that the threats are real. Many offices
> will look at buying new billing packages before the end of 2004 to support
> additional per-user auditing features, and I'd love to put more offices onto
> Linux. I'd also like to hear about medical billing packages that will run on
> Linux. (Yes, I know about http://www.linuxmednews.com/)
>
> Here's my exploit demonstration game plan:
> 1) Run Netcat in listener mode on my demo PC.
> 2) Run IIS5HACK against a Windows 2000 server.
> 3) Show the Windows 2000 command prompt in my Netcat with no security
>    limitations.
> 4) Copy over the NT Rootkit and 'deploy' it.
> 5) Show that I am 'invisible' when connected to the Rootkit (netstat output)
>
> What do you recommend I demonstrate? Most offices I've seen are running
> Windows 9x for clients and a Win NT/2000 server. Some run ancient *NIX boxes
> and terminals. My clients are running Debian GNU/Linux servers. ;-)
>
> Most medical offices have internet connectivity, but it is usually dialup in
> the doctor's office. I am going to play the part of a disgruntled employee
> who's going to compromise their system.
>
> Thanks in advance for your input!
> Tony Wasson

-- 
David IS Mandala
gpg fingerprint 8932 E7EF CCF5 1B8C 1B5C A92E C678 795E 45B2 D952
Phoenix, AZ (480) 460-7546 HP, (602) 321-8277 CP
http://www.them.com/~davidm/