Re: Auto-Run CD - Disabling ScreenSavers

[jaymz ringler <adminjaymz () sperrytv com>]

oddly enough, I was just doing a little light reading over lunch just
now.   and flipped through and on page 145 in Hacking Exposed 4th
edition.

this page covers this very topic.  the Screen Saver - CD Autorun
vulnerability.   

You can load any program onto a cd such as Back Orafice or NetBus.   And
create a auto run file and point it to the NetBus server.exe
and it will run any program specified in the autorun file.

In the book they mention a utility to run with the autorun file  
95sscrk from  http://users.aol.com/jpeschel/crack.htm   there's also
mention of another SSBypass from http://www.amecisco.com/ssbypass.htm
for $40.

I haven't tried doing this under 2k but I'm assuming it doesn't affect
2k.   as they say in the book that the cure for this problem in NT and
98 is an upgrade to 2k.  ....



---------------------------------------------------------------------------
*** Wireless LAN Policies for Security & Management - NEW White Paper ***
Just like wired networks, wireless LANs require network security policies 
that are enforced to protect WLANs from known vulnerabilities and threats. 
Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.

To get your FREE white paper visit us at:    
http://www.securityfocus.com/AirDefense-pen-test
----------------------------------------------------------------------------