RE: [ok] Windows 2003 HAck

From: Todd Towles (toddtowles@brookshires.com)
Date: Wed Sep 08 2004 - 16:26:32 EDT


Anyone tested amap on a Windows 2003 box? I have it installed but never
really tested it. Any Comments?

Amap is a THC program - it maps applications to ports.

-----Original Message-----
From: Curt Purdy [mailto:purdy@tecman.com]
Sent: Wednesday, September 08, 2004 1:39 AM
To: dan57170@yahoo.com; pen-test@securityfocus.com
Subject: RE: [ok] Windows 2003 HAck

Daniel Regalado Arias wrote:
> I can tell you that the server has Terminal-Services port open, and
> others like 80, 8080, 25, pop3(Mail Exchanger), 135 y 139 (nat).
<snip>

If they are dumb enough to be running TS on 3389, they likely have an
easy
Administrator password. Why not just run a limited dictionary against
administrator?

Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA
Information Security Engineer
DP Solutions

----------------------------------------

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke

------------------------------------------------------------------------
------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one
interaction
with one of our expert instructors. Check out our Advanced Hacking
course,
learn to write exploits and attack security infrastructure. Attend a
course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
-------

------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:04 EDT