Re: Hacking sorted (OLD, Sorry)

From: Tony Maro (tony@maro.net)
Date: 09/02/00


I've been out of town vacationing in Florida for a while, so this reply
is kinda long in coming...

> -----Original Message-----
> From: Circle Discussion List [mailto:CIRCLE@post.queensu.ca]On Behalf Of
> The Merciless Lord of Everything
> Sent: Sunday, August 20, 2000 3:08 AM

> a matter of time). As I'm sure all here on the list will agree,
> "qwerty" is not a good password, neither is "barkerdog" or similar type
> passwords. Make it a bit harder, switch some letters for digits. People
> call this leet, but face it, what's fastest, breaking "barkerthedog" or
> "b4r|<3R-|-h|)0g" ?
>

At work, we remotely grabbed the registry out of one of our NT servers, ran
L0phtCrack on it and in 30 minutes had 80% of the users' passwords.  The
admin passwords were cracked within 18 hours.  Every password was cracked
in 3 days.  And I did this from OUTSIDE our network with no knowledge of
the admin passwords.  Of course I am the network admin, so it was a test
and not a hack :-) and can't be done anymore...

> How to do this on a Windows machine? I have no idea :), though I've held a
> Microsoft Certification, it has been invalidated with time, and much has
> happened in that field (Or at least I hope something has :), so can't help
> you there.

Actually, Windows 2000 seems _somewhat_ secure when set up properly.  My
solution was to put the MUD on a 192.168. address and have a port forwarding
firewall that ONLY allows port 4000 to get to that machine.  You connect to
the firewall on port 4000 and it transparently forwards the connection to
the MUD machine on port 4000.  I use Linux kernel 4.2 with IPTables (not
IPChains) to do this and it works beautifully.  I can also set up rules
at the firewall to allow or block based on subnets and many other criteria
to help keep DOS attacks from even reaching the MUD server.

--
"I didn't do it, nobody saw me do it, you can't prove a thing!"
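
The port-forwarding firewall described in the message above, sketched as an added example (not part of the original post and not the author's actual configuration): a shell function that prints an iptables-restore ruleset forwarding a single TCP port to the internal MUD host and dropping everything else. The function name, the interface name, the 192.168.1.10 address and the blocked subnet are constructed assumptions.

```shell
#!/bin/sh
# Added example. All addresses and interface names below are constructed.
# mud_fw_rules WAN_IF MUD_IP PORT [BLOCKED_SUBNET...]
# Prints the ruleset on stdout; nothing is applied to the running kernel.
mud_fw_rules() {
    wan_if=$1; mud_ip=$2; port=$3
    shift 3

    # Refuse a target outside 192.168. or a non-numeric port, so a typo
    # cannot forward traffic to an unintended host.
    case $mud_ip in
        192.168.*.*) ;;
        *) echo "mud_ip must be a 192.168. address" >&2; return 1 ;;
    esac
    case $port in
        ''|*[!0-9]*) echo "port must be numeric" >&2; return 1 ;;
    esac

    echo "*nat"
    echo ":PREROUTING ACCEPT [0:0]"
    echo ":POSTROUTING ACCEPT [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    # Rewrite the destination of connections arriving on the outside interface.
    echo "-A PREROUTING -i $wan_if -p tcp --dport $port -j DNAT --to-destination $mud_ip:$port"
    echo "COMMIT"

    echo "*filter"
    echo ":INPUT DROP [0:0]"      # the firewall itself accepts nothing new
    echo ":FORWARD DROP [0:0]"    # default deny: only the rules below pass
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Subnet blocks come first so they win over every accept rule.
    for net in "$@"; do
        echo "-A FORWARD -i $wan_if -s $net -j DROP"
    done
    echo "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Only new connections to the MUD port on the MUD host are forwarded.
    echo "-A FORWARD -i $wan_if -d $mud_ip -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    echo "COMMIT"
}

# Constructed sample: eth0 outside, MUD at 192.168.1.10, one blocked /24.
mud_fw_rules eth0 192.168.1.10 4000 203.0.113.0/24
```

The output can be reviewed and then loaded with `iptables-restore`; the firewall also needs `net.ipv4.ip_forward=1` for forwarding to work. Rules for administering the firewall itself are left out, so with this ruleset alone it accepts no new inbound connections.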

