Security Basics mailing list archives

Re: hacking win2kPro out of the box

From: xyberpix <xyberpix () xyberpix com>
Date: Sat, 04 Dec 2004 15:35:42 +0000

There's a couple of links on my site that will give you some info on
various windows 2k attacks, have a lok under the hacking links.

HTH

xyberpix


On Fri, 2004-12-03 at 15:24 +0000, q q wrote:

Hello there.

I've just installed win2k pro on an ntfs drive, I'm running zonealarm
and AVG antivirus, and not much else. (no service packs, patches,
upgrades or anything else like that)

Does anyone have any information on common attacks for local
priviledge escalation, and ways to secure against these?

The sort of thing I'm looking for is a detail of an attack, followed
by the procedure(s) I would use to:

a) recover from it if neccessary
b) thwart future attacks of it's type.

I basically want to swap roles between hacker and sysadmin so I can
learn more about the best of both worlds.

The box is not connected to the net.

many thanks,
-h.

--- 
PHP, mySQL Security at http://www.puremango.co.uk

-- 
For Security and Open Source news and tips visit:

http://xyberpix.demon.co.uk

Attachment: signature.asc
Description: This is a digitally signed message part

Current thread:

hacking win2kPro out of the box q q (Dec 03)
- RE: hacking win2kPro out of the box Philip Wagenaar (Dec 06)
- Re: hacking win2kPro out of the box xyberpix (Dec 06)
- <Possible follow-ups>
- Re: hacking win2kPro out of the box H Carvey (Dec 06)
- Re: hacking win2kPro out of the box miguel . dilaj (Dec 06)
- Re: hacking win2kPro out of the box H Carvey (Dec 07)