Ferry, The only possibility to get into a system that has no services running is getting the admin of that system to execute an application that creates a backdoor.
Or, if there is a fault in the networking stack, you may launch a network attack and let the stack execute code which can result in any kinda thing you like. Attacking a system without any service isnt easy but not impossible. Not even talking about just DoSing the system. Regards, Brenno > -----Original Message----- > From: Ferry van Steen [SMTP:[EMAIL PROTECTED]] > Sent: woensdag 10 juli 2002 18:09 > To: [EMAIL PROTECTED] > Subject: Cracking a server without services > > Hey there, > > I was just wondering. I know the rule is everything can be cracked. But > can > anyone point me to info on how to crack something with no ports open > or/and > perhaps tell me how that's called (so I can search...). To me it seems > impossible but I have a feeling that's a false sense of security and I'd > like to get a better understanding of this so I can take appropiate > actions > on my servers. Also I think this knowledge will come in handy in the > future > since I gotta write a firewall on linux for a DMZ and LAN set up in like a > week or so and I don't want to tell my boss that the webserver is the only > thing that can be cracked because that's the only service we run if that > ain't so, although the chance someone with that knowledge/expertise will > hunt us will probably be nihil. > > Kind regards, > > Ferry van Steen > InfoPart Automatisering B.V. > Beeksestraat 24 > 4841 GC Prinsenbeek > Phone: +31 (0)76 - 5 44 04 11 > Fax: +31 (0)76 - 5 41 83 51 > Mobile: +31 (0)6 - 28 46 47 45 > E-Mail (business): [EMAIL PROTECTED] > E-Mail (private): [EMAIL PROTECTED] > MSN Messenger: [EMAIL PROTECTED] > ICQ (UIN (seldom used)): 191458 >
