__/ [ GreyCloud ] on Thursday 08 June 2006 20:46 \__
> Roy Schestowitz wrote:
>
>> Firms still leaving door open to hackers
>>
>> ,----[ Quote ]
>> | Three in five (61 per cent) firms audited by UK-based penetration
>> | testing firm NTA Monitor have one or more high risk vulnerabilities on
>> | their internet connections.
>> |
>> | NTA classifies a high risk flaw as a vulnerability that allows
>> | unauthorised external users to obtain system access, leaving
>> | organisations susceptible to Denial of Service attacks or
>> | remote system compromise.
>> `----
>>
>> http://www.theregister.co.uk/2006/06/08/nta_monitor_security_survey/
>
> http://www.wired.com/news/technology/0,1282,56392,00.html
>
> This Gary McKinnons access to mil networks was easier than they let it
> to be. In an interview, he found many mil networks with blank password
> accounts. The question now becomes, if you login from the front door is
> this really hacking?
>
> An interesting legal issue.
What about the UNIX system at UBS [1]? The guy planted scripts in the servers
and it all 'blew up' yesterday. He was a system administrator with full
privileges at the time. Not much of a legal issue (it is all darn obvious),
but it comes to show that only negligence or inside access can defeat *nix.
[1]
http://news.yahoo.com/s/cmp/188702216;_ylt=AqpE_.44IePoRHvB1JJcZV4jtBAF;_ylu=X3oDMTA0cDJlYmhvBHNlYwM-
|
|