Report: DHS cyber security lagging
Kevin Poulsen, SecurityFocus 2004-12-16

The U.S. Department of Homeland Security is having some homeland cyber security issues on its systems providing remote access to telecommuters, according to a newly-released report by the DHS Inspector General's office.

Report: DHS cyber security lagging 2004-12-17
Anonymous (3 replies)
Report: DHS cyber security lagging 2004-12-20
Anonymous (1 replies)
Report: DHS cyber security lagging 2004-12-20
Anonymous (1 replies)
Report: DHS cyber security lagging 2004-12-19
PB
Quote: "any genuine effort at password hacking would be hobbled by the Department's policy of limiting failed login attempts"

Someone should inform Mr. Cooper about hash sniffing, and remote hash grabbing directly from servers (yes, even 2K3 servers) with pwdump3e & Co.

Any administrator, or someone with an admin or system service password, or someone who's able to escalate privileges, or someone exploiting a 0day for which a patch doesn't yet exist, or someone with social engineering skills, could successfully use pwdump3e against any 2000/2K3 server or workstation.

To do this, bad guys need only one password or a bug, and often it is not so difficult to have it.

Report: DHS cyber security lagging 2004-12-20
Anonymous (2 replies)
Report: DHS cyber security lagging 2004-12-21
Tommy Ward







 
