Security Basics mailing list archives
RE: Compromised Server Project
From: "Anders Reed Mohn" <anders_rm () utepils com>
Date: Tue, 11 Feb 2003 18:04:17 +0100
I keep reading how quickly unsecured servers on high speed connections can be compromised. Is it really as bad as they keep saying? Just how long could a server (IIS 6 on Windows 2003 Server RC2) remain safe when just sitting quietly and not offering an Internet presence?
That's a question with a pretty random answer, isn't it? But of course, there are loads of factors that come into play. To mention some: - Amount of software installed on the box - Size of providers network (some worms prefer visiting neighbours) - As someone else said: how well known is the ISP? - Which worms are on the loose at the moment? etc, etc, etc..... I've tried this a few times myself, and have seen everything from a couple of seconds to several hours. Also, your box being as "boring" as it is, I'd guess skilled hackers would spot that, and not give a **** (or smell a rat) leaving it for the script kiddies, who probably neither know how to get in properly, nor care to mount specific attacks at single targets. My guess, anyway :) Cheers, Anders :)
Current thread:
- Compromised Server Project Hunt, Jim (Feb 10)
- <Possible follow-ups>
- RE: Compromised Server Project Anthony, Shayla (Feb 10)
- RE: Compromised Server Project Shanna Daly (Feb 10)
- irc port open on 6668/tcp and 6667/tcp Harish Gondavale (Feb 11)
- Re: irc port open on 6668/tcp and 6667/tcp Mike Dresser (Feb 12)
- irc port open on 6668/tcp and 6667/tcp Harish Gondavale (Feb 11)
- RE: Compromised Server Project Anders Reed Mohn (Feb 11)
- RE: Compromised Server Project s7726 (Feb 12)
- Re: Compromised Server Project Brian Wojtczak ( Lawyers Online ) (Feb 12)