LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 02-16-2003, 08:49 AM   #1
ranger_nemo
Senior Member
 
Registered: Feb 2003
Location: N'rn WI -- USA
Distribution: Kubuntu 8.04, ClarkConnect 4
Posts: 1,142

Rep: Reputation: 47
New Win XP Security Flaw


It's a little off topic, but a warning for anyone adminning Win XP computers...

There was a big thread on the last board I was on about being able to simply boot into runlevel 1 and get anything on the system. It started with somebody buying a computer off eBay and needing to get in and change the root password. People were going crazy about this; swearing up and down that it was the worst security they'd ever heard. They couldn't be convinced that boot-access to (almost) computer means you can get anything you want off it. Some even went so far as to say you could never do it in Win XP.

Well, there's a new article out. << HERE >> It says all you need to do is boot from a Win 2000 CD and go to the Recovery Console. You can then operate as Administrator without a password, and get any file off any user's account without a password. Pretty nice for the "most secure version ever" of Windows.
 
Old 02-16-2003, 09:11 AM   #2
fancypiper
Guru
 
Registered: Feb 2003
Location: Sparta, NC USA
Distribution: Ubuntu 10.04
Posts: 5,141

Rep: Reputation: 58
If a computer is not physically secure, it is insecure.

That's the first rule of security.

Security is a state of mind, not an operating system....
 
Old 02-16-2003, 10:15 PM   #3
ironwalker
Member
 
Registered: Feb 2003
Location: 1st hop-NYC/NewJersey shore,north....2nd hop-upstate....3rd hop-texas...4th hop-southdakota(sturgis)...5th hop-san diego.....6th hop-atlantic ocean! Final hop-resting in dreamland dreamwalking and meeting new people from past lives...gd' night.
Distribution: Siduction, the only way to do Debian Unstable
Posts: 506

Rep: Reputation: Disabled
Lightbulb

Of course just turning off boot from cd when ya dont need it and passwording bios and recovery console will help....but the creator of that stupid artical thats been floating around sites has got everybody up in a frenzy.
Tards..lol.
Besides doing what they said was nothing new...its been known.
 
Old 02-24-2003, 11:54 AM   #4
ghight
Member
 
Registered: Jan 2003
Location: Indiana
Distribution: Centos, RedHat Enterprise, Slackware
Posts: 524

Rep: Reputation: 30
There are and always will be "backdoors" like this for "disaster recovery". Anything with an operating system has atleast one, including Cisco PIX boxes and routers, Novell servers, Enterprise UNIX servers, etc. Hand someone a keyboard and in capable hands it's toast. Watch any geek show during security week and they'll show you how to break in to stuff like this if you have access to it. This should not surprise anyone!
 
Old 02-24-2003, 12:34 PM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,485
Blog Entries: 54

Rep: Reputation: 2902Reputation: 2902Reputation: 2902Reputation: 2902Reputation: 2902Reputation: 2902Reputation: 2902Reputation: 2902Reputation: 2902Reputation: 2902Reputation: 2902
Well, not only "disaster recovery". Lotsa default login/passes are set up on install but aren't changed after. Where to find? I know at least one perfectly legal site exposing them (aprox 500 entries), the other went blank (1K entries).

//mod.note: Now if you mean PIX, do you mean the ISAKMP SA stuff?
Only interested clearing this up because w/o examples to go with your post it would mark you as a (potential) FUD spreader. I don't like that to happen here at LQ. We need to provide each others with *clear* problems and *clear answers.
 
Old 02-24-2003, 12:55 PM   #6
ghight
Member
 
Registered: Jan 2003
Location: Indiana
Distribution: Centos, RedHat Enterprise, Slackware
Posts: 524

Rep: Reputation: 30
Nope. Even easier than that. I don't want to be a "FUD spreader".

When I took my CCNA class we discussed how to reset the 'enable' password. Apparantly this is common knowledge and taught in EVERY CCNA class. We ended up discussing at length about this very topic. The presenter told us of numerous backdoors and their purposes including the PIX firewall.

As a side note, you can disable this backdoor, but most would discourage it, opting instead for physical isolation of the box.
 
Old 02-25-2003, 02:10 AM   #7
Jen
LQ Newbie
 
Registered: Oct 2002
Location: Camas, WA
Distribution: Slackware
Posts: 11

Rep: Reputation: 0
Quote:
Originally posted by ironwalker
Of course just turning off boot from cd when ya dont need it and passwording bios and recovery console will help....but the creator of that stupid artical thats been floating around sites has got everybody up in a frenzy.
Tards..lol.
Besides doing what they said was nothing new...its been known.
Then clearing the cmos will take care of the bios password.

Last edited by Jen; 02-25-2003 at 02:17 AM.
 
Old 02-25-2003, 02:25 AM   #8
fancypiper
Guru
 
Registered: Feb 2003
Location: Sparta, NC USA
Distribution: Ubuntu 10.04
Posts: 5,141

Rep: Reputation: 58
Did you know that Windows is more stable than Linux?

Last edited by fancypiper; 02-25-2003 at 02:31 AM.
 
Old 02-25-2003, 05:21 AM   #9
Thaidog
Member
 
Registered: Sep 2002
Location: Hilton Head, SC
Distribution: Gentoo
Posts: 616

Rep: Reputation: 32
there's two way to look at this

I took this security flaw as a hint to completely reformat my drive and reinstall win2000 over xp... hey, it was already in the drive!
 
Old 02-25-2003, 06:58 AM   #10
ghight
Member
 
Registered: Jan 2003
Location: Indiana
Distribution: Centos, RedHat Enterprise, Slackware
Posts: 524

Rep: Reputation: 30
Quote:
Originally posted by fancypiper
Did you know that Windows is more stable than Linux?
The only thing that could make that article more vague would be a "?" behind the title.

Translated quote from article:
"Uh, Windows could be more stable as long as you don't run any software on it and don't have any users, but we aren't going to admit it because we sell Linux too. Besides, we aren't too sure if it's more stable or not, so never mind."
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
firefox 1.0.6 - critical security flaw slackhack Linux - Security 3 09-23-2005 01:13 AM
News: Spoofing Is a Security Flaw ?? m_shroom Linux - Security 1 11-05-2004 08:57 PM
D-link Di-704p router security flaw fotoguy Linux - Networking 0 03-24-2003 05:35 AM
Is this a Linux security flaw ? josedsilva Linux - Security 3 05-24-2002 12:03 AM
Flaw weakens Linux security software nikhiljosh Linux - Security 0 03-03-2002 04:20 AM


All times are GMT -5. The time now is 07:33 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration