 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On Tue, 6 Aug 2002, Derek D. Martin wrote: > If you're relying on Windows privileges to secure your network, you're > basically screwed. A whitepater was released today detailing how to > gain localsystem privileges on any Win32-based platform. And the > kicker is, because it takes advantage of a fundamental flaw in the > design of Windows, it's basically unpatchable, requiring a complete > overhaul of the Windows messaging system to fix. > > And the best part is, if you're providing terminal services via a > Citrix server, anyone can own your server, and you'll never be able to > stop them... > > http://security.tombom.co.uk/shatter.html > I read this in detail, and I hate to admit that I agree with Microsoft. Once bad people are sitting logged onto your machine, you should already considered it compromised, regardless of what techniques the bad person has at their disposal. ---------------------------------------------------------------------------- DDDD David Kramer david at thekramers.net http://thekramers.net DK KD Some people have told me they don't think a fat penguin really DKK D embodies the grace of Linux, which just tells me they have never seen DK KD an angry penguin charging at them in excess of 100mph. They'd be a DDDD lot more careful about what they say if they had. Linus Torvalds
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
