Yes, start with little fish and use them as bait for the bigger fish .... The trick with "Compromising" a network is that you dont try and hack the server first, you compromise a less likely target (e.g. a desktop, sniff for traffic from that and then look for bigger targets, plus it gives you a launching pad ....) .. these boxes are usually less secure (what desktop support person really locks down a PC these days ??) .. then munge the box (just for fun) letting it give off errors that would require the services of a sysadmin ... and wait for them to make a mistake (eg: get software from another server ... all credentials are now owned ....)
Remeber, all it takes is one sysadmin to use an rdp client from a compromised box (or any form of remote control software) and a well crafted keyboard logger ... you get the drift .... most sysadmins give themselves admin privilieges, you have access to the internal network, and their credentials .... Security is really all about the weakest possible link, once you've broken that you can pretty much get whatever you want; The solution is, well to be quite blunt, be as paranoid as possible, lock down things that shouldnt be seen, watch your internal users (60% of hacks come from the inside). ----- Original Message ----- From: "Sumit Dhar" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, June 19, 2002 11:25 AM Subject: Network Security Related Query > Hello All, > > I was wondering... If I have read/write access to a windows machine on > some company's network, could I compromise the entire network's security > in some way because of this access?? > > Sumit Dhar [http://dhar.homelinux.com/dhar/] > Manager [Research and Product Development] > SLMsoft.com > > -- > pub 1024D/12F93276 2002-05-23 Sumit Dhar <[EMAIL PROTECTED]> > Key fingerprint = EC26 546C 53D1 A549 6763 AB29 310C 6462 12F9 3276 > > >
