| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | Re: another windows zero day |
From: Mike N. On Fri, 13 Apr 2007 14:33:29 -0400, "Geo." wrote: >http://news.com.com/2100-7349_3-6175743.html > >zero day exploit for MS dns servers. Not a lot of details but it involves >rpc so may be related to dynamic dns updates. I think the dynamic DNS updates use standard protocols over port 53. There may be other variations such as Active Directory integration and remote management that are using the RPC interface to DNS. Interestingly enough, compromised hosts previously have consisted almost entirely of bots or LAMP hosts. In the last day, there have been some Unfirewalled Windows SBS 2003 popping up in the list of compromised hosts. [ But the bad guys still install Apache / PHP on them as a second web server because that's all they know how to do from their deployement kits! ] --- BBBS/NT v4.01 Flag-5* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45) SEEN-BY: 633/267 5030/786 @PATH: 379/45 1 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.