View previous topic :: View next topic |
Author |
Message |
T T Version Just Arrived
Joined: 08 Jul 2002 Posts: 0 Location: DA
|
Posted: Sun Mar 30, 2003 5:34 am Post subject: REMOTE logins |
|
|
do u all believe that those remote login softwares like vnc and pcanywhere have exploits.
they all work on there own ports.maybe there is a way to send data remotely on the same port some other way apart from using there gui what u think?.
is this posible man
|
|
Back to top |
|
|
myhatisred Just Arrived
Joined: 11 Jan 2003 Posts: 0
|
Posted: Sun Mar 30, 2003 8:08 am Post subject: |
|
|
Of course it's possible you just have to format the packets to look like they're being sent from PC Anywhere. Just remember one thing, NOTHING is 100% secure unless it's a standalone computer, in a concrete vault underground.
|
|
Back to top |
|
|
GSecur Trusted SF Member
Joined: 30 Sep 2002 Posts: 16777215
|
Posted: Sun Mar 30, 2003 8:54 am Post subject: |
|
|
Quote: |
do u all believe that those remote login softwares like vnc and pcanywhere have exploits.
|
Older versions of VNC have well documented exploits. Many home users of PCAnywhere do not even set a password on the service. (If you call that an exploit )
So the answer to your question is yes.
Quote: |
NOTHING is 100% secure unless it's a standalone computer, in a concrete vault underground. |
I'm not sure if anyone remembers this. But Microsoft use to claim that NT4.0 was c2config complient. But if you read the report, it was only that secure when disconnected from the network
|
|
Back to top |
|
|
T T Version Just Arrived
Joined: 08 Jul 2002 Posts: 0 Location: DA
|
Posted: Sun Mar 30, 2003 9:00 am Post subject: |
|
|
hahah aint that a bitch.
what do u mean by c2config complient anyway.?
|
|
Back to top |
|
|
GSecur Trusted SF Member
Joined: 30 Sep 2002 Posts: 16777215
|
Posted: Sun Mar 30, 2003 9:08 am Post subject: |
|
|
C2 Security Standard, it's a military (and or government) security standard that was outlined in the Orange Book.
It's a baseline for "Command & Control" systems. Or pretty much any computer system the military feels is mission essential.
|
|
Back to top |
|
|
flw Forum Fanatic
Joined: 27 May 2002 Posts: 16777215 Location: U.S.A.
|
Posted: Mon Mar 31, 2003 5:32 am Post subject: |
|
|
So GSecur do you have any Signal time in? If so does any of these sound familar: 31S, 31P, 31U, 31W, 74B or 74C?
Or just contractor?
|
|
Back to top |
|
|
AudioPro Just Arrived
Joined: 13 Jan 2003 Posts: 0
|
Posted: Mon Mar 31, 2003 6:24 am Post subject: |
|
|
Older versions of VNC didn't watch for many failed login attempts in a row, so they were easy to brute force a login. That's been since updated, and I believe VNC now locks out logins after a small number of failed attempts in a row.
|
|
Back to top |
|
|
TheKingster Link Spammer
Joined: 03 May 2002 Posts: 0 Location: UK
|
Posted: Mon Mar 31, 2003 10:14 am Post subject: |
|
|
AudioPro wrote: |
Older versions of VNC didn't watch for many failed login attempts in a row, so they were easy to brute force a login. That's been since updated, and I believe VNC now locks out logins after a small number of failed attempts in a row. |
Yeh 3.
But if its left for a few minutes it resets itself and you get three attempts again.
|
|
Back to top |
|
|
GSecur Trusted SF Member
Joined: 30 Sep 2002 Posts: 16777215
|
Posted: Mon Mar 31, 2003 1:28 pm Post subject: |
|
|
Quote: |
So GSecur do you have any Signal time in? If so does any of these sound familar: 31S, 31P, 31U, 31W, 74B or 74C?
Or just contractor? |
Not a contractor Unfortunatly They were payed better.
Active duty Air Force (4 years) 3CO51 , a Computer Operator.
Sorry I never did an Signal Time
|
|
Back to top |
|
|
xion Just Arrived
Joined: 09 Apr 2003 Posts: 0
|
Posted: Wed Apr 09, 2003 8:35 pm Post subject: |
|
|
GSecur wrote: |
C2 Security Standard, it's a military (and or government) security standard that was outlined in the Orange Book.
|
ok sorry for the newbie question but what exactly is the Orange Book. I have read some where there are all kinds of these books. is there any way i can get them? and from where? =)
|
|
Back to top |
|
|
GSecur Trusted SF Member
Joined: 30 Sep 2002 Posts: 16777215
|
|
Back to top |
|
|
|