Open udp netbios ports.
Dennis Davis
plug-discuss@lists.plug.phoenix.az.us
Sat, 15 Mar 2003 09:03:20 -0700
It's amazing, spend all that money for good equipment and then don't
configure it correctly due to some dullard decison maker who knows
nothing about networking and security.
That business will most likely have a new remote silent partner running
their business in the next few days.
My thoughts before coffee.....
Dennis
David Mandala wrote:
>You have a pretty good start on a totally secure machine but I disagree
>on a few details, to get a totally secure machine you need to put it in
>a steel and concrete vault, in there build a 10'x10'x10' form and fill
>it with rebar steel, pour it 1/2 full of concrete then place the
>computer in the center of mass and finish filling the form. When done
>and concrete is hardened for at least a week you may have a totally
>secure computer, but it could be cracked if someone was stubborn enough
>and had enough time with a jackhammer. But the vault steel doors and
>guards should stop the time and access required.
>
>Cheers,
>
>Davidm
>
>(-;
>
>
>
>On Sat, 2003-03-15 at 04:02, technomage wrote:
>
>
>>-----BEGIN PGP SIGNED MESSAGE-----
>>Hash: SHA1
>>
>>who is this "nutbar" who thinks they are totoally secure? I'd like to know so
>>that I can avoid meeting him unless I have reason to.
>>
>>totally secure = power supply isolated, non-networked machine behind 2 layers
>>of steel doors and lots of guards.
>>
>>anything else is debatable.
>>
>>Technomage
>>
>>On Saturday 15 March 2003 03:17 am, Entelin wrote:
>>
>>
>>>I have a client I am trying to convince to install a firewall, (eather
>>>iptables or preferably cisco PIX). They have practicly every service
>>>under the sun open, the only reason their tcp netbios ports are closed
>>>is because cox filters them. The only reason I am having to convince
>>>them of anything is because they have another linux tech working for
>>>them and he is somehow convinced that they are completely secure "at the
>>>deamon level" wrote a big email to my client saying they dident need to
>>>install a firewall, or even close totaly unused ports on their box!
>>>(they even had echo and chargen open before I at least convinced them to
>>>close those ie: forged packet between echo and chargen = storm).
>>>nevermind the two root exploits their sendmail is at risk for. and the
>>>password sniffing of their login,telnet etc.. god..
>>>
>>>ANYWAY sorry for that rant. back on topic I was wondering if I could do
>>>anything with these udp ports in absence of the filtered tcp netbios
>>>ports. ? as in gain any kind of access or DoS.
>>>
>>>137/udp open netbios-ns
>>>138/udp open netbios-dgm
>>>139/udp open netbios-ssn
>>>
>>>Thanks :)
>>>
>>>---------------------------------------------------
>>>PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>>>To subscribe, unsubscribe, or to change you mail settings:
>>>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>>
>>>
>>- --
>>I will not be pushed, filed, stamped, indexed, briefed, debriefed, or
>>numbered!
>>My life is my own - No. 6
>>-----BEGIN PGP SIGNATURE-----
>>Version: GnuPG v1.0.7 (GNU/Linux)
>>
>>iD8DBQE+cwhOn/usgigAaLcRAs79AJ9Tty91a3ZorlD3pgKL9dBRRJSSzACeKW4U
>>6v2lRe90Uh6uuJYQKty5ihg=
>>=hUiC
>>-----END PGP SIGNATURE-----
>>
>>---------------------------------------------------
>>PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>>To subscribe, unsubscribe, or to change you mail settings:
>>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>
>>