__/ [ GreyCloud ] on Thursday 08 June 2006 20:46 \__
Roy Schestowitz wrote:
Firms still leaving door open to hackers
,----[ Quote ]
| Three in five (61 per cent) firms audited by UK-based penetration
| testing firm NTA Monitor have one or more high risk vulnerabilities on
| their internet connections.
|
| NTA classifies a high risk flaw as a vulnerability that allows
| unauthorised external users to obtain system access, leaving
| organisations susceptible to Denial of Service attacks or
| remote system compromise.
`----
http://www.theregister.co.uk/2006/06/08/nta_monitor_security_survey/
http://www.wired.com/news/technology/0,1282,56392,00.html
This Gary McKinnons access to mil networks was easier than they let it
to be. In an interview, he found many mil networks with blank password
accounts. The question now becomes, if you login from the front door is
this really hacking?
An interesting legal issue.
What about the UNIX system at UBS [1]? The guy planted scripts in the servers
and it all 'blew up' yesterday. He was a system administrator with full
privileges at the time. Not much of a legal issue (it is all darn obvious),
but it comes to show that only negligence or inside access can defeat *nix.