http://www.windowsitpro.com/authors/author/author/5777390/rsscomment/5777390en-USSun, 27 May 2012 07:22:53 GMTSun, 27 May 2012 07:22:53 GMThttp://www.windowsitpro.com/article/security/the-accidental-hacker-exploits-iis-bugs#commentsAnchorFri, 12 May 2000 02:45:16 GMT
After i have tested on my domain (www.myweidong.com), although there is no such bug but i’ve received an error message very often after the testing - http://www.myweidong.com/global.asa::$DATA. The error is" error ’ASP 0115’ Unexpected error /default.asp A trappable error occurred in an external object. The script cannot continue running. Not sure whether the ::$DATA have created some problem to it.]]>KC Goh Fri, 12 May 2000 02:45:16 GMThttp://www.windowsitpro.com/article/security/the-accidental-hacker-exploits-iis-bugs#commentsAnchorhttp://www.windowsitpro.com/article/security/sbs-site-server-secure-installation#commentsAnchorMon, 16 Aug 1999 02:12:27 GMT
Forgive my ignorance all you cisco gurus out there but the command: access-list 132 deny tcp any 555.555.15.0 0.0.0.255 range 135 139 seems to make no sense to me - how can there be a network address starting with 555.555.15.0 ? Should it be 255.255.15.0 - is it a misprint. A blow by blow explanation of what is being done on each line would be a huge help for a budding SBS installer like me. thanks, Rod (Full printout of sample code below) Listing 1: Sample Code for Adding Filters to a Cisco Router to Close NetBT Ports MyCisco>enable Password: MyCisco#configure terminal Enter configuration commands, one per line. End with CNTL/Z. MyCisco(config)#no access-list 132 MyCisco(config)#access-list 132 deny tcp any 555.555.15.0 0.0.0.255 range 135 139 MyCisco(config)#access-list 132 deny tcp any 555.555.15.0 0.0.0.255 eq 1433 MyCisco(config)#access-list 132 deny udp any 555.555.15.0 0.0.0.255 eq 1433 MyCisco(config)#access-list 132 deny udp any 555.555.15.0 0.0.0.255 range 135 139 MyCisco(config)#access-list 132 permit ip any any MyCisco(config)#no access-list 111 MyCisco(config)#access-list 111 deny ip 10.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255 MyCisco(config)#access-list 111 deny ip 172.16.0.0 0.15.255.255 255.240.0.0 0.15.255.255 MyCisco(config)#access-list 111 deny ip 192.168.0.0 0.0.255.255 255.255.0.0 0.0.255.255 MyCisco(config)#access-list 111 deny ip host 0.0.0.0 host 0.0.0.0 MyCisco(config)#access-list 111 permit ip any any MyCisco(config)#interface serial0 MyCisco(config-if)#ip access-group 132 IN MyCisco(config-if)#ip access-group 111 OUT MyCisco(config-if)#exit MyCisco(config)#exit MyCisco#copy running-config startup-config Building configuration... [OK]]]>Rod Bland Mon, 16 Aug 1999 02:12:27 GMThttp://www.windowsitpro.com/article/security/sbs-site-server-secure-installation#commentsAnchorhttp://www.windowsitpro.com/article/internet/the-accidental-hacker#commentsAnchorWed, 11 Aug 1999 09:33:20 GMT
While rereading Andrey Kruchkov’s “The Accidental Hacker” (February), I was struck by the phrase, “If anyone knows what I can do with 74,342 credit card numbers, please call me .” Although I certainly don’t want online traders to store my credit card details 1 second longer than necessary to complete the transaction, nothing is stopping them from keeping that information on file. Do you think this practice is widespread?
--Graham Hill

I was joking. Most E-shops don’t store credit card information longer than necessary for authorization purposes (e.g., a store built with Microsoft Site Server 3.0, Commerce Edition doesn’t store credit card information anywhere in the system by default). However, some sites store credit card information for billing purposes. For example, sites that charge a monthly subscription fee store credit card information so that they can automatically bill subscribers for the next month. A problem can occur with credit card authorization software. Most credit card authorization software packages have a debugging mode, during which the software stores all transaction information in a log file. If a company’s IS staff forgets to turn off the debugging mode after installing the software, this log file can be a good starting point for hackers. Anyway, I use my credit card for online transactions, and I believe the process is safe. Just work with well-known sites that have a history of happy customers.
--Andrey Kruchkov]]>Graham Hill Wed, 11 Aug 1999 09:33:20 GMThttp://www.windowsitpro.com/article/internet/the-accidental-hacker#commentsAnchorhttp://www.windowsitpro.com/article/internet/the-accidental-hacker#commentsAnchorTue, 10 Aug 1999 15:14:53 GMT
I really liked Andrey Kruchkov’s February article, “The Accidental Hacker,” which was about NT security issues. The author’s company, Quarta, is well-known as one of the leading Microsoft partners in the Russian market and is the home for the local NT users’ group. Some time ago, I broke into Quarta’s site. I exploited one of the bugs described in the article and changed their front page logo from Quarta Ltd to Pinta Ltd, without damaging the site. I broke in solely because a friend wanted to prove to a friend of his who worked for Quarta that its site was not secure. So the point is that even security experts sometimes have their Web sites unprotected. Thanks for a good publication.
--Dmitri

This incident occurred a year before I came to work at Quarta. This case also shows that the best hackers live in Russia. But seriously, here is Quarta’s version of the story: When Internet Information Server (IIS) 1.0 came out, we installed it on a production server just a few days before a bug was found in IIS 1.0 implementation (and in Netscape and some other Web servers for Windows NT). You can read more about this bug at http://www.ntsecurity.com/ News/bugs/report.html. This bug was found Friday evening and the Moscow staff had gone home. At that time, we hadn’t started Web-hosting for customers and didn’t have round-the-clock support on site. When our administrator came to work on Monday, he installed the hotfix and looked at logfiles. He found that some hacker had changed a .gif file. For 20 minutes, our server showed a picture of a pretty, naked girl. Our administrator discovered the hacker’s IP-address and sent the logfile showing who hacked us, how, and when. The hacker came to our booth at the next computer exhibition and apologized. After this incident, we made some changes on our site. Our internal security is much stronger, and we have 24-hour support. We think that we are more secure than most sites on the Internet today.
--Andrey Kruchkov]]>IvanTue, 10 Aug 1999 15:14:53 GMThttp://www.windowsitpro.com/article/internet/the-accidental-hacker#commentsAnchor