Full Disclosure mailing list archives
Re: Removing the NIC cable = EoP?
From: "Greg" <full-disclosure3 () pchandyman com au>
Date: Fri, 6 Oct 2006 14:15:35 +1000
-----Original Message----- From: Pink Hat [mailto:pinkhat.h4x0r () gmail com] Sent: Wednesday, 4 October 2006 2:45 AM To: Tonnerre Lombard Cc: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] Removing the NIC cable = EoP?
Wrong.
It is about getting local admin rights in this case as the so called
attack scenario requires it.
List -- this is so easy to disprove yet we have all kinds of so called
security professonals and in this case a (wow, I am almost pissing > myself) BSD Kernel hacker, stating that they feel its a possible attack.
Go grab VMWare and various windows versions from your favorite warez site
and spend the time to actually try things and understand how
the technology works before you comment.
The bottom line is that what was posted on that site about "hacking high
school computers" is false. I have been reading this thread on FD because there was something nagging at my memory and I was hoping one of you might prod it to life. Unfortunately you didn't but apparently the "My Documents" in my head defragged itself and spit out the old answer. This idea is a fake and I believe I know from whence it may have come. Back in the 80s when having Internet to a home was about as cheap as buying a 747SP (not 747B, you couldn't afford that one with an Internet yearly payment), there used to exist the old BBS scene. That is, Bulletin Boards that you rang directly to using your 2400BPS modem (or even earlier for those of you who remember the old 300/300 days). Some BBSs used to be correctly written and upon loss of carrier would cancel the session and reset to the start of the program, awaiting a new call. Some would not. Some would sit there and time out before resetting while some would just sit there endlessly. The result of the latter 2 was that someone ringing in after the person who just cut the carrier would end up logged on under that person's access and do whatever that person was capable of doing on that BBS. This sounds like what this whole discussion has been based upon though updated to today's standards. There was a case in the early 90s where you could pull the networking cable out and put it into another computer and assume the network rights of the computer that had it before. Heck, there were some of us who used to do that to check that whatever the whinger was having a whinge about was right or not. The point is, those days of "I am not hacking, I am helping" in the case of the network cable or "Shit! Look at what this idiot has done!" in the case of the modem dropper has not existed, to my meagre knowledge, in a very long time. I do know the early days of the 90s in some ISPs when they were learning their craft of security, you might actually logon and find yourself with someone else's accounts, too. Happened quite accidentally to me once. Rang in on dial up and found I was logged on as someone I didn't know before I could do a thing. THOSE problems are long gone as well. So, I believe that unless there is something I am sadly missing - and let's be honest here, I admit I could be missing something - this seems all to be a load of bullshit. I honest-to-God(Allah, Buddha, whomever) don't really know of any program for communication purposes in serious use these days that is so damned stupid unless it is at least 15 years old. Therefore - PLEASE, someone correct me, point out the error of my ways by either providing the relevant info directly or the link if you are bone lazy like me - or in the absence of such proof, may we now decide this is a load of "politician truth" (that being the same stuff you get from the arse end of a bull)?????? Thank you, Signed - Don't-know-nuffin. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Removing the NIC cable = EoP?, (continued)
- Re: Removing the NIC cable = EoP? Vincent Archer (Oct 03)
- Re: Removing the NIC cable = EoP? Tim (Oct 03)
- Re: Removing the NIC cable = EoP? Tim (Oct 03)
- Re: Removing the NIC cable = EoP? Pink Hat (Oct 03)
- Re: Removing the NIC cable = EoP? Lee Turner (Oct 04)
- Re: Removing the NIC cable = EoP? Pink Hat (Oct 04)
- Re: Removing the NIC cable = EoP? Tonnerre Lombard (Oct 03)
- Re: Removing the NIC cable = EoP? c0redump (Oct 03)
- Re: Removing the NIC cable = EoP? Valdis . Kletnieks (Oct 03)
- Re: Removing the NIC cable = EoP? Pink Hat (Oct 03)
- Re: Removing the NIC cable = EoP? Greg (Oct 05)
- Re: Removing the NIC cable = EoP? joshua () nave ws (Oct 06)
- Re: Removing the NIC cable = EoP? Jessica Hope (Oct 06)
- Re: Removing the NIC cable = EoP? James (njan) Eaton-Lee (Oct 06)
- Re: Removing the NIC cable = EoP? Greg (Oct 06)