[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Cs-club] Why IRC is blocked on campus

---<snip>---
Being 
> that there are thousands of computers on campus, it would be impossible to 
> track them all down before un blocking the port, as conceptually, someone 
> would have to physically visit all machines.  
---<snip>---
Ok, I was under the impression from your previous email that you already knew which small set of machines were compromised.

---<snip>---
Even if they had the manpower to visit all machines, each 
> computer seems to have been compromised manually, by a person, so there are 
> no static indications of the attack.  
---<snip>---
By manually, do you mean they had physical access to the machine?

---<snip>---
> However, a compromised computer is known in the security world as being 
> "owned".  Once a computer is owned it is not your computer anymore.  I 
> believe it would be possible for someone to use a compromised computer to 
> compromise other computers inside our network, because once they are inside 
> the netbios ports are no longer blocked from them.  Does this make sense to 
> anyone?
---<snip>---
No doubt it would be possible to compromise machines from inside the network.  You mentioned in your previous email that the exploit on the Netbios port allowed for a command-line.  What prevents someone from inside the network from using this exploit to do something on other people's machines besides IRC?
     -Brian

-- 
__________________________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup