By Robert Lemos
ZDNet News
May 3, 2001 12:11 PM PT
A hacker announced that time's up for system administrators who haven't patched Windows 2000 Web servers vulnerable to a flaw revealed by Microsoft two days ago.
The hacker--using the handle "Dark Spyrit"--released a program Wednesday night designed to exploit the security hole and give anyone with limited technical knowledge the ability to completely control a Windows 2000 server running version 5 of Microsoft's Internet Information Server (IIS) Web software.
While not a point-and-click program, the code--dubbed "jill.c"--could result in a new rash of attacks, especially this week, when online hooliganism has risen between U.S.-allied and China-allied vandals.
But Marc Maiffret, chief hacking officer for eEye Digital Security--the company that found the original flaw and reported it to Microsoft--said the code could prove a bit difficult for many online vandals.
"The code requires one more step than a lot of scripts, but it is not a hard step," he said. Maiffret analyzed the so-called exploit code submitted by Dark Spyrit and believes the design could help it fool many firewalls by essentially masquerading as a Web server.
Most Web servers use a specific connection, or "port," to send data to a browser. Because Web traffic is generally considered necessary for most companies, the data is rarely blocked by a firewall.
Want to learn more?
http://www.zdnet.com/zdnn/stories/news/0,4586,5082300,00.html
------------------
"I can't believe this. I got a midterm tomorrow, and I'm being chased by Guido the killer pimp."
ZDNet News
May 3, 2001 12:11 PM PT
A hacker announced that time's up for system administrators who haven't patched Windows 2000 Web servers vulnerable to a flaw revealed by Microsoft two days ago.
The hacker--using the handle "Dark Spyrit"--released a program Wednesday night designed to exploit the security hole and give anyone with limited technical knowledge the ability to completely control a Windows 2000 server running version 5 of Microsoft's Internet Information Server (IIS) Web software.
While not a point-and-click program, the code--dubbed "jill.c"--could result in a new rash of attacks, especially this week, when online hooliganism has risen between U.S.-allied and China-allied vandals.
But Marc Maiffret, chief hacking officer for eEye Digital Security--the company that found the original flaw and reported it to Microsoft--said the code could prove a bit difficult for many online vandals.
"The code requires one more step than a lot of scripts, but it is not a hard step," he said. Maiffret analyzed the so-called exploit code submitted by Dark Spyrit and believes the design could help it fool many firewalls by essentially masquerading as a Web server.
Most Web servers use a specific connection, or "port," to send data to a browser. Because Web traffic is generally considered necessary for most companies, the data is rarely blocked by a firewall.
Want to learn more?
http://www.zdnet.com/zdnn/stories/news/0,4586,5082300,00.html
------------------
"I can't believe this. I got a midterm tomorrow, and I'm being chased by Guido the killer pimp."