Does this mean you know of unpublished vulnerabilities and exploits for account privilege elevation on Windows-based systems? If you do, care to share? *8^) To me that's the real story here. The incident might be a lame excuse for attention but if unpublished vulnerabilities and exploits exist out there that are readily available, that should require some attention, I think. Just my $.02. *8^) I do recall that Brett Hill did the same kind of challenge for an IIS 5.0 box that had been locked down using just Microsoft technology (patches, IPSEC Filters, IIS Lockdown, and URLScan). I don't think his server was ever hacked. Granted, I don't believe he handed out local accounts or gave shell access to any users. Is there another report that confirms this was an account privilege elevation attack? I didn't see anything in this report that said SSH accounts were given to would-be hackers and now I'm curious as to the scope of the vulnerability. It's one thing to have a server compromised while knowing a user account and password on the box. It's another to be able to get a remote server to tell you what they are. Cordially yours, Jerry G. Young II MCSE (4.0/W2K) Atlanta EES Implementation Team Lead HHS Engineering Unisys 11493 Sunset Hills Rd. Reston, VA 20190 Office: 703-579-2727 Cell: 703-625-1468 THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. ________________________________ From: Alexandre Gauthier [mailto:gauthiera@xxxxxxxxxxxxxxxxx] Sent: Monday, March 06, 2006 4:17 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet http://www.ISAserver.org That article is bull. The guy gave local accounts aways via SSH. Local privilege escalation is a different ballbark. Do the same with windows, open RDP, and give people local accounts, I'm willing to bet it would take 30 minutes as well, maybe less - the funny part is just people taking this as some kind of "haha bad security" thing instead of "haha lamest excuse for attention ever" as it well should be. Pff. ________________________________ De : Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Envoyé : 6 mars 2006 15:07 À : [ISAserver.org Discussion List] Objet : [isalist] OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet http://www.ISAserver.org LOL: Mac OS X hacked in less than 30 minutes | Tech News on ZDNet: http://news.zdnet.com/2100-1009_22-6046197.html ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: gauthiera@xxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: gerald.young@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx