Re: [foxboro] SOlaris Security was network locked

• From: "Toecker, Michael" <mtoecker@xxxxxxxxxxxx>
• To: <foxboro@xxxxxxxxxxxxx>
• Date: Thu, 7 May 2009 13:24:57 -0500

David,

Yes, these systems are effectively open to any once you find your way on
to either the "2nd Ethernet Port" network or the Foxboro internal
network.

Isolation from corporate networks and vigilant perimeter security can
help with this vulnerability to basic script kiddie stuff, but not
prevent it completely.  

It also doesn't help that the IA account password is just about as
standard across systems as a "ps -ef".

Welcome to my life.  :)

Sincerely,
 
Michael Toecker
Control System Security Designer
Compliance & Infrastructure Protection
Burns & McDonnell Engineering

-----Original Message-----
From: foxboro-bounce@xxxxxxxxxxxxx [mailto:foxboro-bounce@xxxxxxxxxxxxx]
On Behalf Of David Johnson
Sent: Wednesday, May 06, 2009 8:34 AM
To: foxboro@xxxxxxxxxxxxx
Subject: [foxboro] SOlaris Security was network locked

Corey,

Last weekend, my son and some of his hacker friends wanted to do some 
testing in our office.  Using nothing but Zenmap and metasploit they 
had root access on a 51B (Solaris 2.5.1) after about 20 minutes of 
playing.  I was not too surprised, but it did underscore the fact 
that these are pretty open.  The funny part was after running 
"ls"  and "pwd" they started asking me for unix commands to 
run.  Script kiddies yes, unix savvy no.  The Solaris 8 boxes are 
significantly better, at least the high schoolers didn't get into it 
so easily.

Regards,
David


 
 
_______________________________________________________________________
This mailing list is neither sponsored nor endorsed by Invensys Process
Systems (formerly The Foxboro Company). Use the info you obtain here at
your own risks. Read http://www.thecassandraproject.org/disclaimer.html
 
foxboro mailing list:             //www.freelists.org/list/foxboro
to subscribe:         mailto:foxboro-request@xxxxxxxxxxxxx?subject=join
to unsubscribe:      mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave
 
 
 
_______________________________________________________________________
This mailing list is neither sponsored nor endorsed by Invensys Process
Systems (formerly The Foxboro Company). Use the info you obtain here at
your own risks. Read http://www.thecassandraproject.org/disclaimer.html
 
foxboro mailing list:             //www.freelists.org/list/foxboro
to subscribe:         mailto:foxboro-request@xxxxxxxxxxxxx?subject=join
to unsubscribe:      mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave
 

• References:
  • Re: [foxboro] network locked
    • From: dirk . pauwels
  • Re: [foxboro] network locked
    • From: Corey R Clingo
  • [foxboro] SOlaris Security was network locked
    • From: David Johnson

Other related posts:

• » Re: [foxboro] SOlaris Security was network locked - Toecker, Michael

1. Home
2. foxboro
3. Archive
4. 05-2009

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---